CVE-2014-3520 is a vulnerability in OpenStack Keystone
Published on October 26, 2014
OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain access to an unauthorized project for which the trustor has certain roles via the project ID in a V2 API trust token request.
Products Associated with CVE-2014-3520
Want to know whenever a new CVE is published for OpenStack Keystone? stack.watch will email you.
Exploit Probability
EPSS
0.43%
Percentile
62.09%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.