Name of the Vulnerable Software and Affected Versions keystone versions prior to 0.3.16

Description The issue is related to an authentication weakness. Due to a bug in the default sign in functionality, incomplete email addresses could be matched, but a correct password is still required to complete sign in.

Recommendations For versions prior to 0.3.16, update to version 0.3.16 or later to resolve the issue. As a temporary workaround, consider restricting the use of the default sign in functionality until a patch is available.