VDB
CVE-2013-2059
CVE-2013-2059
PUBLISHED
CVSS 6 MEDIUM
OpenStack Identity (Keystone) improper revoking of the authentication token when deleting a user
EPSS 0.91% · 76.2th percentile
Risk Scores
CVSS 2.0
6
EPSS Score
0.91%
76.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| openstack | keystone | 2012.1, 2013.1 |
| PyPI | keystone | 0 |
| n/a | n/a | n/a |
Timeline
- May 21, 2013 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
References
- openSUSE-SU-2013:0949 vendor-advisory
- 93134 vdb
- FEDORA-2013-8048 vendor-advisory
- 53326 third-party-advisory
- [oss-security] 20130509 [OSSA 2013-011] Keystone tokens not immediately invalidated when user is deleted (CVE-2013-2059) mailing-list
- keystone-cve20132059-security-bypass(84135) vdb
- FEDORA-2013-8023 vendor-advisory
- https://bugs.launchpad.net/keystone/+bug/1166670 url
- 53339 third-party-advisory
- 59787 vdb
- [oss-security] 20130509 RE: [Openstack] [OSSA 2013-011] Keystone tokens not immediately invalidated when user is deleted (CVE-2013-2059) mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2013-2059 advisory
- https://github.com/openstack/keystone/commit/33214f311aa36b17f8f5ff06bee2130bf061df8f url
- https://github.com/openstack/keystone/commit/678b06a91f772d6be82eb54ed11f27e20f446b57 url
- https://github.com/openstack/keystone/commit/992466d1dbf80a940190703dedf800d6d12dede8 url
- https://github.com/openstack/keystone package
- https://github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2013-41.yaml url