CVE-2019-10138

A flaw was discovered in the python-novajoin plugin, all versions up to, excluding 1.1.1, for Red Hat OpenStack Platform. The novajoin API lacked sufficient access control, allowing any keystone authenticated user to generate FreeIPA tokens.
Source: NIST
CVE-2019-10138

Leave a Reply

Your email address will not be published.