CVE-2021-3563
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-3563
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3563.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-3563
- Aliases
- Related
- Published
- 2022-08-26T16:15:08Z
- Modified
- 2024-10-12T07:44:53.427780Z
- Severity
-
- 7.4 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity.
- References
Affected packages
Debian:11 / keystone
Package
- Name
- keystone
- Purl
- pkg:deb/debian/keystone?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2:18.*
2:18.0.0-3
2:18.0.0-3+deb11u1
2:19.*
2:19.0.0~rc1-1
2:19.0.0-1
2:19.0.0-2
2:19.0.0-3
2:20.*
2:20.0.0~rc1-1
2:20.0.0~rc1-2
2:20.0.0-1
2:20.0.0-2
2:20.0.0-3
2:21.*
2:21.0.0~rc1-1
2:21.0.0~rc1-2
2:21.0.0-1
2:21.0.0-2
2:21.0.0-3
2:22.*
2:22.0.0~rc1-1
2:22.0.0~rc1-2
2:22.0.0-1
2:22.0.0-1.1
2:22.0.0-2
2:23.*
2:23.0.0~rc1-1
2:23.0.0-1
2:23.0.0-2
2:23.0.0-3
2:23.0.0-4
2:23.0.0-5
2:23.0.0-6
2:24.*
2:24.0.0~rc1-1
2:24.0.0-1
2:24.0.0-2
2:24.0.0-3
2:25.*
2:25.0.0-1
2:25.0.0-2
2:25.0.0-3
2:26.*
2:26.0.0~rc1-1
2:26.0.0~rc1-2
2:26.0.0-1
Debian:12 / keystone
Package
- Name
- keystone
- Purl
- pkg:deb/debian/keystone?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Debian:13 / keystone
Package
- Name
- keystone
- Purl
- pkg:deb/debian/keystone?arch=source