{"id":"PYSEC-2012-35","details":"OpenStack Keystone Essex (2012.1) and Folsom (2012.2) does not properly handle EC2 tokens when the user role has been removed from a tenant, which allows remote authenticated users to bypass intended authorization restrictions by leveraging a token for the removed user role.","modified":"2025-10-09T05:19:03.019846Z","published":"2012-12-18T01:55:00Z","withdrawn":"2024-11-22T04:37:04Z","references":[{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2012/11/28/5"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2012/11/28/6"},{"type":"ADVISORY","url":"http://secunia.com/advisories/51423"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-1641-1"},{"type":"ADVISORY","url":"http://secunia.com/advisories/51436"},{"type":"FIX","url":"https://bugs.launchpad.net/keystone/+bug/1064914"},{"type":"FIX","url":"https://github.com/openstack/keystone/commit/37308dd4f3e33f7bd0f71d83fd51734d1870713b"},{"type":"FIX","url":"https://github.com/openstack/keystone/commit/8735009dc5b895db265a1cd573f39f4acfca2a19"},{"type":"FIX","url":"https://github.com/openstack/keystone/commit/9d68b40cb9ea818c48152e6c712ff41586ad9653"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2012-1556.html"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094286.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2012-1557.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/56726"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/80333"}],"affected":[{"package":{"name":"keystone","ecosystem":"PyPI","purl":"pkg:pypi/keystone"},"ranges":[{"type":"GIT","repo":"https://github.com/openstack/keystone","events":[{"introduced":"0"},{"fixed":"37308dd4f3e33f7bd0f71d83fd51734d1870713b"},{"fixed":"8735009dc5b895db265a1cd573f39f4acfca2a19"},{"fixed":"9d68b40cb9ea818c48152e6c712ff41586ad9653"}]},{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["12.0.2","12.0.3","13.0.2","13.0.3","13.0.4","14.0.0","14.0.1","14.1.0","14.2.0","15.0.0","15.0.0.0rc1","15.0.0.0rc2","15.0.1","16.0.0","16.0.0.0rc1","16.0.0.0rc2","16.0.1","16.0.2","17.0.0","17.0.0.0rc1","17.0.0.0rc2","17.0.1","18.0.0","18.0.0.0rc1","18.1.0","19.0.0","19.0.0.0rc1","19.0.0.0rc2","19.0.1","20.0.0","20.0.0.0rc1","20.0.1","21.0.0","21.0.0.0rc1","21.0.1","22.0.0","22.0.0.0rc1","22.0.1","22.0.2","23.0.0","23.0.0.0rc1","23.0.1","23.0.2","24.0.0","24.0.0.0rc1","25.0.0","25.0.0.0rc1","26.0.0","26.0.0.0rc1","24.1.0","27.0.0","27.0.0.0rc1","28.0.0","28.0.0.0rc1"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/keystone/PYSEC-2012-35.yaml"}}],"schema_version":"1.7.3"}