Upstream information
Description
OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 4.3 |
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| Access Vector | Network |
| Access Complexity | Medium |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | Partial |
| Availability Impact | None |
SUSE Security Advisories:
- SUSE-SU-2013:1113-1, published Mon Jul 1 11:04:16 MDT 2013 openSUSE-SU-2013:1089-1
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 06:50:15 2013CVE page last modified: Thu Dec 7 13:06:13 2023