Token Expiry Bypass and Revocation Exploit in python-keystoneclient
CVE-2013-2104 · MEDIUM Severity
AV:N/AC:L/AU:S/C:N/I:P/A:P
python-keystoneclient before 0.2.4, as used in OpenStack Keystone (Folsom), does not properly check expiry for PKI tokens, which allows remote authenticated users to (1) retain use of a token after it has expired, or (2) use a revoked token once it expires.
Learn more about our User Device Pen Test.