VYPR
Low severityNVD Advisory· Published Nov 2, 2013· Updated Jun 16, 2026

CVE-2013-4477

CVE-2013-4477

Description

The LDAP backend in OpenStack Identity (Keystone) Grizzly and Havana, when removing a role on a tenant for a user who does not have that role, adds the role to the user, which allows local users to gain privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
keystonePyPI
< 8.0.0a08.0.0a0

Affected products

3

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.