CVE-2013-2166

Published: Dec 10, 2019Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass

Affected (6)

Products: Openstack: Python Keystoneclient · Fedoraproject: Fedora · Redhat: Openstack · +1 more

Show all products

Openstack: Python Keystoneclient · Fedoraproject: Fedora · Redhat: Openstack · Debian: Debian Linux

1 product

Python Keystoneclient

1 product

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Openstack Python Keystoneclient	From 0.2.3 to 0.2.5

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 19
Redhat Openstack	Version 3.0

Configuration C

3 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0

Related CWEs

Inadequate Encryption Strength

The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.

References (16)

http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113944.html

Source: secalert@redhat.com

Mailing ListRelease NotesThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2013-0992.html

Source: secalert@redhat.com

Third Party Advisory

http://www.openwall.com/lists/oss-security/2013/06/19/5

Source: secalert@redhat.com

Issue TrackingMailing ListThird Party Advisory

http://www.securityfocus.com/bid/60684

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://access.redhat.com/security/cve/cve-2013-2166

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2166

Source: secalert@redhat.com

ExploitIssue TrackingThird Party Advisory

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-2166

Source: secalert@redhat.com

Issue TrackingThird Party Advisory

https://security-tracker.debian.org/tracker/CVE-2013-2166

Source: secalert@redhat.com

Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2013-August/113944.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListRelease NotesThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2013-0992.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.openwall.com/lists/oss-security/2013/06/19/5

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingMailing ListThird Party Advisory

http://www.securityfocus.com/bid/60684

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://access.redhat.com/security/cve/cve-2013-2166

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2166

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-2166

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://security-tracker.debian.org/tracker/CVE-2013-2166

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.