Moderate severityNVD Advisory· Published May 21, 2013· Updated Jun 16, 2026
CVE-2013-2059
CVE-2013-2059
Description
OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
keystonePyPI | < 8.0.0a0 | 8.0.0a0 |
Affected products
3Patches
Vulnerability mechanics
References
17- bugs.launchpad.net/keystone/+bug/1166670nvdExploitWEB
- secunia.com/advisories/53326nvdVendor Advisory
- secunia.com/advisories/53339nvdVendor Advisory
- github.com/advisories/GHSA-hj89-qmx9-8qmhghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2013-2059ghsaADVISORY
- lists.fedoraproject.org/pipermail/package-announce/2013-May/105916.htmlnvdWEB
- lists.fedoraproject.org/pipermail/package-announce/2013-May/106220.htmlnvdWEB
- lists.opensuse.org/opensuse-updates/2013-06/msg00085.htmlnvdWEB
- www.openwall.com/lists/oss-security/2013/05/09/3nvdWEB
- www.openwall.com/lists/oss-security/2013/05/09/4nvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/84135nvdWEB
- github.com/openstack/keystone/commit/33214f311aa36b17f8f5ff06bee2130bf061df8fghsaWEB
- github.com/openstack/keystone/commit/678b06a91f772d6be82eb54ed11f27e20f446b57ghsaWEB
- github.com/openstack/keystone/commit/992466d1dbf80a940190703dedf800d6d12dede8ghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/keystone/PYSEC-2013-41.yamlghsaWEB
- osvdb.org/93134nvd
- www.securityfocus.com/bid/59787nvd
News mentions
0No linked articles in our index yet.