CVE-2019-10138 is a vulnerability in Python Novajoin
Published on July 30, 2019
A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens.
Weakness Type
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2019-10138 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2019-10138
Want to know whenever a new CVE is published for Python Novajoin? stack.watch will email you.
Affected Versions
Red Hat python-novajoin Version all up to, excluding 1.1.1 is affected by CVE-2019-10138Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.