Chmouel Boudjnah

**Name of the Vulnerable Software and Affected Versions** OpenStack Identity (Keystone) versions Folsom through Havana before havana-3 OpenStack Identity (Keystone) version Grizzly 2013.1.3 and earlier **Description** The issue allows remote authenticated users to retain access via a token when a tenant is disabled, due to improper revocation of user tokens. **Recommendations** For OpenStack Identity (Keystone) versions Folsom through Havana before havana-3, update to a version that properly revokes user tokens when a tenant is disabled. For OpenStack Identity (Keystone) version Grizzly 2013.1.3 and earlier, update to a version that properly revokes user tokens when a tenant is disabled.