CVE-2014-3621 vulnerability in OpenStack and Other Products
Published on October 2, 2014

The catalog url replacement in OpenStack Identity (Keystone) before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$(admin_token)" in the publicurl endpoint field.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2014-3621

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2014-3621 are published in these products:

OpenStack Keystone

Red Hat Openstack

Canonical Ubuntu Linux

Exploit Probability

EPSS

0.43%

Percentile

61.92%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2014-3621 vulnerability in OpenStack and Other ProductsPublished on October 2, 2014

Products Associated with CVE-2014-3621

Exploit Probability

CVE-2014-3621 vulnerability in OpenStack and Other Products
Published on October 2, 2014