VYPR
Moderate severityNVD Advisory· Published Apr 12, 2013· Updated Jun 16, 2026

CVE-2013-0282

CVE-2013-0282

Description

OpenStack Keystone Grizzly before 2013.1, Folsom 2012.1.3 and earlier, and Essex does not properly check if the (1) user, (2) tenant, or (3) domain is enabled when using EC2-style authentication, which allows context-dependent attackers to bypass access restrictions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
KeystonePyPI
< 8.0.0a08.0.0a0

Affected products

5
  • cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*range: >=2012.1,<=2012.1.3
    • cpe:2.3:a:openstack:keystone:2013.1:milestone1:*:*:*:*:*:*
    • cpe:2.3:a:openstack:keystone:2013.1:milestone2:*:*:*:*:*:*
    • cpe:2.3:a:openstack:keystone:2013.1:milestone3:*:*:*:*:*:*
  • ghsa-coords
    Range: < 8.0.0a0

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.