Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:suse:keystone-json-assignment:-:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-3683 |
The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. This allowed these users to access, modify, create and delete arbitrary resources, contrary to expectations. Published: January 17, 2020; 6:15:11 AM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |