CVE-2012-3426

N/A Unknown
Published: July 31, 2012 Modified: April 29, 2026

Description

OpenStack Keystone before 2012.1.1, as used in OpenStack Folsom before Folsom-1 and OpenStack Essex, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by (1) creating new tokens through token chaining, (2) leveraging possession of a token for a disabled user account, or (3) leveraging possession of a token for an account with a changed password.

References to Advisories, Solutions, and Tools

http://secunia.com/advisories/50045
Source: secalert@redhat.com
http://secunia.com/advisories/50494
Source: secalert@redhat.com
http://www.ubuntu.com/usn/USN-1552-1
Source: secalert@redhat.com
http://github.com/openstack/keystone/commit/628149b3dc6b58b91fd08e6ca8d91c728ccb8626
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch
http://github.com/openstack/keystone/commit/ea03d05ed5de0c015042876100d37a6a14bf56de
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch
http://secunia.com/advisories/50045
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/50494
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.openwall.com/lists/oss-security/2012/07/27/4
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.ubuntu.com/usn/USN-1552-1
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugs.launchpad.net/keystone/+bug/996595
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugs.launchpad.net/keystone/+bug/997194
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugs.launchpad.net/keystone/+bug/998185
Source: af854a3a-2127-422b-91ae-364da2661108

28 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
2.3%
81st percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

Affected Vendors

openstack