VYPR
Unrated severityNVD Advisory· Published Sep 30, 2013· Updated Jun 16, 2026

CVE-2013-4222

CVE-2013-4222

Description

OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:openstack:keystone:*:*:*:*:*:*:*:*range: >=2013.1,<=2013.1.3
    • (no CPE)range: <= 2013.1.3 (Grizzly) and < havana-3 (Havana) [also Folsom all versions]
  • cpe:2.3:a:redhat:openstack:3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.