CVE-2012-5563 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2012-5563 Interim 1 4 2023-02-15T02:15:17Z current 2021-05-30T13:07:12Z 2023-02-15T02:15:17Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2012-5563 OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating new tokens through token chaining. NOTE: this issue exists because of a CVE-2012-3426 regression. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating new tokens through token chaining. NOTE: this issue exists because of a CVE-2012-3426 regression. CVE-2012-5563 moderate 4 AV:N/AC:L/Au:S/C:N/I:P/A:N