CVE-2013-2157

Priority
Description
OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using
LDAP with Anonymous binding, allows remote attackers to bypass
authentication via an empty password.
Assigned-to
jdstrand
Notes
sarnoldpatches in Message-ID: <51B1A6BC.9050307@openstack.org>
jdstrand12.04 LTS does not have 0d32a417c811ce37b1b7ea1fbbc0a8376b9b3723
which is required to be exposed to this bug (ie anonymous binds fail without
it)
If 0d32a417c811ce37b1b7ea1fbbc0a8376b9b3723 is applied then the
patch for folsom will work with some light modifications.
More Information

Updated: 2020-07-28 19:49:36 UTC (commit d26b6ca9f5b3adb89bb036ce73ae7dab894935ec)