Описание
Security update for aws-iam-authenticator
This update for aws-iam-authenticator fixes the following issues:
- CVE-2022-2385: Fixed AccessKeyID validation bypass (bsc#1201395).
Список пакетов
SUSE Linux Enterprise Module for Public Cloud 15
aws-iam-authenticator-0.5.3-150000.1.9.1
SUSE Linux Enterprise Module for Public Cloud 15 SP1
aws-iam-authenticator-0.5.3-150000.1.9.1
SUSE Linux Enterprise Module for Public Cloud 15 SP2
aws-iam-authenticator-0.5.3-150000.1.9.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3
aws-iam-authenticator-0.5.3-150000.1.9.1
SUSE Linux Enterprise Module for Public Cloud 15 SP4
aws-iam-authenticator-0.5.3-150000.1.9.1
openSUSE Leap 15.3
aws-iam-authenticator-0.5.3-150000.1.9.1
openSUSE Leap 15.4
aws-iam-authenticator-0.5.3-150000.1.9.1
Ссылки
- Link for SUSE-SU-2022:2583-1
- E-Mail link for SUSE-SU-2022:2583-1
- SUSE Security Ratings
- SUSE Bug 1201395
- SUSE CVE CVE-2022-2385 page
Описание
A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges.
Затронутые продукты
SUSE Linux Enterprise Module for Public Cloud 15 SP1:aws-iam-authenticator-0.5.3-150000.1.9.1
SUSE Linux Enterprise Module for Public Cloud 15 SP2:aws-iam-authenticator-0.5.3-150000.1.9.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3:aws-iam-authenticator-0.5.3-150000.1.9.1
SUSE Linux Enterprise Module for Public Cloud 15 SP4:aws-iam-authenticator-0.5.3-150000.1.9.1
Ссылки
- CVE-2022-2385
- SUSE Bug 1201395