VDB
CVE-2013-1865
CVE-2013-1865
PUBLISHED
CVSS 6.800000190734863 MEDIUM
OpenStack Keystone Improper Authentication vulnerability
EPSS 1.16% · 79.0th percentile
Risk Scores
CVSS 2.0
6.800000190734863
EPSS Score
1.16%
79.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| canonical | ubuntu_linux | 12.10 |
| n/a | n/a | n/a |
| PyPI | keystone | 2012.2 |
| openstack | folsom | 2012.2 |
Timeline
- Mar 22, 2013 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 8, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
References
- [oss-security] 20130320 [OSSA 2013-009] Keystone PKI tokens online validation bypasses revocation check (CVE-2013-1865) mailing-list
- 52657 third-party-advisory
- openSUSE-SU-2013:0565 vendor-advisory
- FEDORA-2013-4590 vendor-advisory
- https://bugs.launchpad.net/keystone/+bug/1129713 url
- https://review.openstack.org/#/c/24906/ url
- 58616 vdb
- USN-1772-1 vendor-advisory
- 91532 vdb
- RHSA-2013:0708 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2013-1865 advisory
- https://access.redhat.com/errata/RHSA-2013:0708 url
- https://access.redhat.com/security/cve/CVE-2013-1865 url
- https://bugzilla.redhat.com/show_bug.cgi?id=922230 url
- https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2013-39.yaml url
- https://opendev.org/openstack/keystone package
- https://review.openstack.org/#/c/24906 url
- https://review.openstack.org/24906 url
- https://web.archive.org/web/20170715155558/http://www.securityfocus.com/bid/58616 url
- http://github.com/openstack/keystone/commit/255b1d43500f5d98ec73a0056525b492b14fec05 url