VYPR
Moderate severity · NVD Advisory · Published Oct 9, 2012 · Updated Jun 16, 2026

CVE-2012-4457

Description

OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-3 does not properly handle authorization tokens for disabled tenants, which allows remote authenticated users to access the tenant's resources by requesting a token for the tenant.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: Keystone (PyPI)
Affected versions: < 8.0.0a0
Patched versions: 8.0.0a0

Affected products

  • cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:* (range: >=2012.1,<2012.1.2)
  • cpe:2.3:a:openstack:keystone:2012.2:milestone1:*:*:*:*:*:*
  • cpe:2.3:a:openstack:keystone:2012.2:milestone2:*:*:*:*:*:*
  • ghsa-coords (range: < 8.0.0a0)
