Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'Keystonemiddleware'
2015-04-17
CVE-2015-1852
The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate, a different vulnerability than CVE-2014-7144.
2014-10-02
CVE-2014-7144
OpenStack keystonemiddleware (formerly python-keystoneclient) 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate.
>>>
Vendor:
Openstack
55
Produkty
Manila
HEAT
Compute
Essex
NOVA
Horizon
Diablo
Folsom
Keystone
Swift
Glance
Grizzly
Cinder folsom
Compute (nova) essex
Compute (nova) folsom
Keystone essex
Devstack
Havana
Openstack
Python glanceclient
Python-keystoneclient
Image registry and delivery service (glance)
Ceilometer
OSLO
Icehouse
Neutron
JUNO
Pycadf
Telemetry (ceilometer)
Keystonemiddleware
Cinder
Trove
Compute (nova)
KILO
Ironic inspector
Swift3
Tripleo heat templates
Mitaka-murano
Murano
Murano-dashboard
Python-muranoclient
Puppet-gerrit
Nova-lxd
Ironic
Cloud magnum orchestration
Designate
Instack-undercloud
Swauth
Puppet-tripleo
Oslo.middleware
Tripleo-common
Magnum
Ironic-inspector
Os-vif
Puppet-swift
Copyright
2024
, cxsecurity.com
Back to Top