A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2019-07-30T16:16:51
Updated: 2024-08-04T22:10:10.017Z
Reserved: 2019-03-27T00:00:00
Link: CVE-2019-10138
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-07-30T17:15:12.390
Modified: 2020-09-30T14:08:54.037
Link: CVE-2019-10138
Redhat