Mathrock

**Name of the Vulnerable Software and Affected Versions** OpenStack Keystone versions prior to 2013.1 OpenStack Keystone Folsom version 2012.1.3 and earlier OpenStack Keystone Essex **Description** The issue allows context-dependent attackers to bypass access restrictions by not properly checking if the `user`, `tenant`, or `domain` is enabled when using EC2-style authentication. **Recommendations** For OpenStack Keystone versions prior to 2013.1, update to version 2013.1 or later to resolve the issue. For OpenStack Keystone Folsom version 2012.1.3 and earlier, update to a version later than 2012.1.3 to resolve the issue. For OpenStack Keystone Essex, update to a version later than Essex to resolve the issue.