A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-3714-1 | keystone security update |
![]() |
GHSA-cc99-whm5-mmq3 | Openstack Keystone Incorrect Authorization vulnerability |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-02-13T16:28:24.713Z
Reserved: 2021-05-21T00:00:00.000Z
Link: CVE-2021-3563

No data.

Status : Modified
Published: 2022-08-26T16:15:08.867
Modified: 2024-11-21T06:21:51.270
Link: CVE-2021-3563


No data.