Low severityNVD Advisory· Published May 21, 2013· Updated Jun 16, 2026
CVE-2013-2006
CVE-2013-2006
Description
OpenStack Identity (Keystone) Grizzly 2013.1.1, when DEBUG mode logging is enabled, logs the (1) admin_token and (2) LDAP password in plaintext, which allows local users to obtain sensitive by reading the log file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
keystonePyPI | < 8.0.0a0 | 8.0.0a0 |
Affected products
2Patches
Vulnerability mechanics
References
13- rhn.redhat.com/errata/RHSA-2013-0806.htmlnvdVendor AdvisoryWEB
- github.com/advisories/GHSA-rxrm-xvp4-jqvhghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2013-2006ghsaADVISORY
- lists.fedoraproject.org/pipermail/package-announce/2013-May/105916.htmlnvdWEB
- lists.fedoraproject.org/pipermail/package-announce/2013-May/106220.htmlnvdWEB
- www.openwall.com/lists/oss-security/2013/04/24/1nvdWEB
- www.openwall.com/lists/oss-security/2013/04/24/2nvdWEB
- www.securityfocus.com/bid/59411nvdWEB
- bugs.launchpad.net/keystone/+bug/1172195nvdWEB
- bugs.launchpad.net/ossn/+bug/1168252nvdWEB
- github.com/openstack/keystone/commit/c5037dd6b82909efaaa8720e8cfa8bdb8b4a0eddnvdWEB
- github.com/openstack/keystone/commit/d43e2a51a1ed7adbed3c5ddf001d46bc4a824ae8ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2013-40.yamlghsaWEB
News mentions
0No linked articles in our index yet.