Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-23452

Опубликовано: 13 дек. 2021
Источник: redhat
CVSS3: 3.8

Описание

An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protected resources and cause a denial of service.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat OpenStack Platform 13 (Queens)openstack-barbicanOut of support scope
Red Hat OpenStack Platform 16.1openstack-barbicanFixedRHSA-2022:887407.12.2022
Red Hat OpenStack Platform 16.2openstack-barbicanFixedRHSA-2022:511422.06.2022

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-863
https://bugzilla.redhat.com/show_bug.cgi?id=2025090openstack-barbican: Barbican allows anyone with an admin role to add their secrets to a different project's containers

3.8 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-23452

CVSS3: 4.9
ubuntu
больше 3 лет назад

An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protected resources and cause a denial of service.

nvd логотип

CVE-2022-23452

CVSS3: 4.9
nvd
больше 3 лет назад

An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protected resources and cause a denial of service.

debian логотип

CVE-2022-23452

CVSS3: 4.9
debian
больше 3 лет назад

An authorization flaw was found in openstack-barbican, where anyone wi ...

github логотип

GHSA-6p2h-rjj7-2j63

CVSS3: 4.9
github
больше 3 лет назад

openstack-barbican Denial of Service vulnerability

3.8 Low

CVSS3