The following flaw was found in Keystone:
Eric Brown from VMware reported a vulnerability in Keystone. The backend_argument configuration option content is being logged, and it may contain sensitive information for specific backends (like a password for MongoDB). An attacker with read access to Keystone logs may therefore obtain sensitive data about certain backends. All Keystone setups are potentially impacted.
Created openstack-keystone tracking bugs for this issue:
Affects: fedora-all [bug 1218642]
Affects: openstack-rdo [bug 1218644]
While this issue does occur in openstack-keystone packages as shipped in Red Hat Enterprise Linux OpenStack Platform versions 5 and 6 it is not believed to be exploitable as access to the keystone logs is restricted with file-system permissions.