Red Hat Security Advisory 2019-4358-01 - The OpenStack Identity service authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The Identity service supports multiple forms of authentication, including user name and password credentials, token-based systems, and AWS-style logins. An issue was addressed where the credentials API allowed non-admin users to list and retrieve all users credentials.
8d64a15f8acd37509d405de1e4329f96f3110df713ea6216a2650682dc3e0346