CVE-2012-5571

5.4 MEDIUM
Published: December 18, 2012 Modified: April 07, 2026
View on NVD

Description

A flaw was found in OpenStack Keystone. This vulnerability allows remote authenticated users to bypass intended authorization restrictions. This occurs because OpenStack Keystone does not properly handle EC2 (Elastic Compute Cloud) tokens when a user's role has been removed from a tenant. An attacker can leverage a token associated with a removed user role to gain unauthorized access.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094286.html
Source: secalert@redhat.com
http://rhn.redhat.com/errata/RHSA-2012-1556.html
Source: secalert@redhat.com
http://rhn.redhat.com/errata/RHSA-2012-1557.html
Source: secalert@redhat.com
http://secunia.com/advisories/51423
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/51436
Source: secalert@redhat.com
Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/11/28/5
Source: secalert@redhat.com
Patch
http://www.openwall.com/lists/oss-security/2012/11/28/6
Source: secalert@redhat.com
Patch
http://www.securityfocus.com/bid/56726
Source: secalert@redhat.com
http://www.ubuntu.com/usn/USN-1641-1
Source: secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2012-5571
Source: secalert@redhat.com
https://bugs.launchpad.net/keystone/+bug/1064914
Source: secalert@redhat.com
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/80333
Source: secalert@redhat.com
https://github.com/openstack/keystone/commit/37308dd4f3e33f7bd0f71d83fd51734d1870713b
Source: secalert@redhat.com
Patch
https://github.com/openstack/keystone/commit/8735009dc5b895db265a1cd573f39f4acfca2a19
Source: secalert@redhat.com
Patch
https://github.com/openstack/keystone/commit/9d68b40cb9ea818c48152e6c712ff41586ad9653
Source: secalert@redhat.com
Patch
http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094286.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2012-1556.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2012-1557.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/51423
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/51436
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.openwall.com/lists/oss-security/2012/11/28/5
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.openwall.com/lists/oss-security/2012/11/28/6
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securityfocus.com/bid/56726
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-1641-1
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugs.launchpad.net/keystone/+bug/1064914
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/80333
Source: af854a3a-2127-422b-91ae-364da2661108
https://github.com/openstack/keystone/commit/37308dd4f3e33f7bd0f71d83fd51734d1870713b
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://github.com/openstack/keystone/commit/8735009dc5b895db265a1cd573f39f4acfca2a19
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
https://github.com/openstack/keystone/commit/9d68b40cb9ea818c48152e6c712ff41586ad9653
Source: af854a3a-2127-422b-91ae-364da2661108
Patch

29 reference(s) from NVD

Quick Stats

CVSS v3 Score
5.4 / 10.0
EPSS (Exploit Probability)
0.2%
36th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-639 CWE-255

Affected Vendors

openstack

Related CVEs

CVE-2026-5600 N/A
CVE-2026-5302 6.3
CVE-2026-5301 7.6
CVE-2026-5300 5.9
CVE-2026-4402 N/A