Vulnerability in Openstack Compute
CVE-2013-2255
HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.
EPSS: 0.004 (62.0th percentile) — read the EPSS interpretation.
Affected products
- Openstack Compute — versions 2013.1
- Openstack Keystone — versions 2013
References
- security-tracker.debian.org/tracker/CVE-2013-2255 (x_refsource_MISC)
- bugzilla.redhat.com/show_bug.cgi (x_refsource_MISC)
- bugzilla.suse.com/show_bug.cgi (x_refsource_MISC)
- access.redhat.com/security/cve/cve-2013-2255 (x_refsource_MISC)
- exchange.xforce.ibmcloud.com/vulnerabilities/85562 (x_refsource_MISC)
- bugs.launchpad.net/ossn/+bug/1188189 (x_refsource_MISC)
- www.securityfocus.com/bid/61118 (x_refsource_MISC)