Back to bug 1962908
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Nick Tait | 2021-05-20 18:43:28 UTC | Blocks | 1922882 | |
| Gianluca Gabrielli | 2021-05-24 09:57:39 UTC | Summary | Keystone: Verification of application credentials is silently length-limited | CVE-2021-3563 Keystone: Verification of application credentials is silently length-limited |
| Alias | CVE-2021-3563 | |||
| Blocks | 1963091 | |||
| CC | tuxmealux+redhatbz | |||
| Nick Tait | 2021-05-25 16:06:18 UTC | Depends On | 1964527, 1964525, 1964529 | |
| Nick Tait | 2021-05-25 16:15:43 UTC | Doc Text | A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified leaving at risk of being brute-forced more easily than users would assume. The highest threat from this vulnerability is to data confidentiality and integrity. | |
| Nick Tait | 2021-05-25 16:20:10 UTC | Doc Text | A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified leaving at risk of being brute-forced more easily than users would assume. The highest threat from this vulnerability is to data confidentiality and integrity. | A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity. |
| Jan Zerebecki | 2021-06-09 13:43:11 UTC | CC | jan.fedora | |
| Red Hat Bugzilla | 2021-06-22 00:25:00 UTC | CC | dbecker | |
| Dave Wilde | 2021-08-12 19:37:55 UTC | CC | dwilde | |
| Nick Tait | 2022-04-07 17:42:06 UTC | CC | dmendiza, eglynn, spower | |
| Nick Tait | 2022-04-07 17:49:08 UTC | Depends On | 2070962 | |
| Anten Skrabec | 2022-12-15 21:38:03 UTC | CC | mgarciac | |
| Anten Skrabec | 2022-12-15 21:38:17 UTC | Depends On | 2154112 | |
| Red Hat Bugzilla | 2023-07-07 08:33:24 UTC | Assignee | security-response-team | nobody |
Back to bug 1962908