CVE-2021-3563
- Source
- https://cve.org/CVERecord?id=CVE-2021-3563
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3563.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-3563
- Aliases
- Downstream
- Published
- 2022-08-26T16:15:08.867Z
- Modified
- 2026-05-28T04:05:06.535066026Z
- Severity
-
- 7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity.
- Database specific
{ "unresolved_ranges": [ { "extracted_events": [ { "last_affected": "16.1" }, { "last_affected": "16.2" } ], "cpes": [ "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*" ], "source": "CPE_STRING", "vendor_product": "redhat:openstack_platform" } ] }- References
Affected packages
Git / github.com/openstack/keystone
Affected ranges
- Type
- GIT
- Repo
- https://github.com/openstack/keystone
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affected
- Database specific
{ "cpe": [ "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openstack_platform:10.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:*" ], "extracted_events": [ { "introduced": "0" }, { "last_affected": "10.0" }, { "last_affected": "11.0" }, { "last_affected": "13.0" } ], "source": "CPE_STRING" }
Affected versions
10.*
10.0.0
10.0.0.0b1
10.0.0.0b2
10.0.0.0b3
10.0.0.0rc1
10.0.0.0rc2
10.0.0.0rc3
11.*
11.0.0
11.0.0.0b1
11.0.0.0b2
11.0.0.0b3
11.0.0.0rc1
12.*
12.0.0.0b1
12.0.0.0b2
12.0.0.0b3
12.0.0.0rc1
13.*
13.0.0
13.0.0.0b1
13.0.0.0b2
13.0.0.0b3
13.0.0.0rc1
13.0.0.0rc2
2011.*
2011.3
2013.*
2013.2.b1
2013.2.b3
2013.2.rc1
2014.*
2014.1.b1
2014.1.b2
2014.1.b3
2014.1.rc1
2014.2.b1
2014.2.b2
2014.2.b3
2014.2.rc1
2015.*
2015.1.0b1
2015.1.0b2
2015.1.0b3
2015.1.0rc1
8.*
8.0.0.0b1
8.0.0.0b2
8.0.0.0b3
8.0.0.0rc1
8.0.0a0
9.*
9.0.0.0b1
9.0.0.0b2
9.0.0.0b3
9.0.0.0rc1
Other
essex-4
essex-rc1
folsom-1
folsom-2
folsom-rc1
grizzly-1
grizzly-2