Openstack · Openstack Devstack · CVE-2013-1977
**Name of the Vulnerable Software and Affected Versions**
OpenStack devstack (affected versions not specified)
**Description**
The issue allows local users to obtain sensitive information, including the LDAP password and admin token secret, by reading the keystone.conf file due to its world-readable permissions.
**Recommendations**
For devstack, consider changing the permissions of the keystone.conf file to restrict read access to authorized users only, until a more permanent fix is available.