Rapid7 Vulnerability & Exploit Database

SUSE Linux Security Vulnerability: CVE-2013-0282

Back to Search

SUSE Linux Security Vulnerability: CVE-2013-0282

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
04/12/2013
Created
07/25/2018
Added
12/12/2013
Modified
07/04/2017

Description

OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions.

Solution(s)

  • suse-upgrade-openstack-cinder
  • suse-upgrade-openstack-cinder-api
  • suse-upgrade-openstack-cinder-doc
  • suse-upgrade-openstack-cinder-scheduler
  • suse-upgrade-openstack-cinder-test
  • suse-upgrade-openstack-cinder-volume
  • suse-upgrade-openstack-dashboard
  • suse-upgrade-openstack-dashboard-test
  • suse-upgrade-openstack-glance
  • suse-upgrade-openstack-glance-doc
  • suse-upgrade-openstack-glance-test
  • suse-upgrade-openstack-keystone
  • suse-upgrade-openstack-keystone-doc
  • suse-upgrade-openstack-keystone-test
  • suse-upgrade-openstack-nova
  • suse-upgrade-openstack-nova-api
  • suse-upgrade-openstack-nova-cert
  • suse-upgrade-openstack-nova-compute
  • suse-upgrade-openstack-nova-doc
  • suse-upgrade-openstack-nova-network
  • suse-upgrade-openstack-nova-novncproxy
  • suse-upgrade-openstack-nova-objectstore
  • suse-upgrade-openstack-nova-scheduler
  • suse-upgrade-openstack-nova-test
  • suse-upgrade-openstack-nova-vncproxy
  • suse-upgrade-openstack-nova-volume
  • suse-upgrade-openstack-quantum
  • suse-upgrade-openstack-quantum-doc
  • suse-upgrade-openstack-quantum-test
  • suse-upgrade-openstack-quickstart
  • suse-upgrade-openstack-swift
  • suse-upgrade-openstack-swift-account
  • suse-upgrade-openstack-swift-container
  • suse-upgrade-openstack-swift-doc
  • suse-upgrade-openstack-swift-object
  • suse-upgrade-openstack-swift-proxy
  • suse-upgrade-openstack-swift-test
  • suse-upgrade-python-cinder
  • suse-upgrade-python-cinderclient
  • suse-upgrade-python-cinderclient-doc
  • suse-upgrade-python-cinderclient-test
  • suse-upgrade-python-django_openstack_auth
  • suse-upgrade-python-glance
  • suse-upgrade-python-horizon
  • suse-upgrade-python-keystone
  • suse-upgrade-python-keystoneclient
  • suse-upgrade-python-keystoneclient-doc
  • suse-upgrade-python-keystoneclient-test
  • suse-upgrade-python-nova
  • suse-upgrade-python-quantum
  • suse-upgrade-python-swift

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;