CVE-2022-2447
Published: Sep 1, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked and when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected.
| Vendor | Product | Versions |
|---|---|---|
| n/a | openstack-keystone | affected openstack-keystone as shipped in Red Hat OpenStack 16.1 and 16.2 |
Weaknesses (CWE)
References
https://bugzilla.redhat.com/show_bug.cgi?id=2105419
x_refsource_MISC
https://access.redhat.com/security/cve/CVE-2022-2447
x_refsource_MISC