CVE-2013-2059

OpenStack Identity (Keystone) Folsom 2012.2.4 and earlier, Grizzly before 2013.1.1, and Havana does not immediately revoke the authentication token when deleting a user through the Keystone v2 API, which allows remote authenticated users to retain access via the token.

Date published : 2013-05-21

http://www.securityfocus.com/bid/59787

https://bugs.launchpad.net/keystone/+bug/1166670