CVE-2013-4222

OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.

Date published : 2013-09-30

https://bugs.launchpad.net/ossn/+bug/1179955

http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116489.html