Security Advisory

CVE-2014-3621

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-10-02 14:00:00

Last updated 2024-08-06 10:50:17

Assigner redhat

State PUBLISHED

Description

The catalog url replacement in OpenStack Identity (Keystone) before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$(admin_token)" in the publicurl endpoint field.

← Browse all CVEs View on cve.org ↗