OSSA-2012-006: Horizon session fixation and reuse¶
May 04, 2012
Horizon: All versions
Thomas Biege from SUSE reported a vulnerability in OpenStack Dashboard (Horizon). Under specific circumstances it is possible to reuse session cookies from another user, potentially allowing access to unauthorized information and capabilities.
Thomas Biege from SUSE (CVE-2012-2144)