OpenStack Keystone LDAP Authentication Bypass Vulnerability

OpenStack Keystone LDAP Authentication Bypass Vulnerability

CVE-2013-2157 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password.

Learn more about our Cis Benchmark Audit For Bind.