This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote Solaris system is missing a security patch for third-party
The remote Solaris system is missing necessary patches to address
security updates :
- The catalog url replacement in Keystone before 2013.2.3
and 2014.1 before 2014.1.2.1 allows remote authenticated
users to read sensitive configuration options via a
crafted endpoint, as demonstrated by '$(admin_token)' in
the publicurl endpoint field. (CVE-2014-3621)
See also :
Upgrade to Solaris 184.108.40.206.1.
Risk factor :
Medium / CVSS Base Score : 4.0