VDB
CVE-2022-1996
CVE-2022-1996
PUBLISHED
Es existiert eine Schwachstelle in Red Hat OpenShift. Der Fehler besteht aufgrund eines benutzergesteuerten Schlüssels im GitHub-Repository emicklei/go-restful. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um die Sicherheitsmaßnahmen zu umgehen.
EPSS 0.96% · 76.9th percentile
Risk Scores
EPSS Score
0.96%
76.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat OpenShift GitOps 1.9 | |
| SUSE | SUSE Linux | |
| Dell | Dell PowerProtect Data Domain Management Center | |
| Dell | Dell PowerProtect Data Domain | |
| Dell | Dell PowerProtect Data Domain <7.13.1.10 | |
| Red Hat | Red Hat Enterprise Linux | |
| Dell | Dell PowerProtect Data Domain <7.10.1.40 | |
| Amazon | Amazon Linux 2 | |
| Red Hat | Red Hat Enterprise Linux Cryostat 2 build | |
| Dell | Dell PowerProtect Data Domain <7.7.5.50 | |
| Dell | Dell PowerProtect Data Domain OS | |
| Red Hat | Red Hat OpenShift GitOps 1.8 | |
| Dell | Dell PowerProtect Data Domain <8.1.0.0 |
Exploit Intelligence
- https://huntr.dev/bounties/be837427-415c-4d8c-808b-62ce20aa84f1 (nist-nvd)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- cve-2023-22527-yara.yar (github-yara)
- .trivyignore.yaml (github-poc)
…and 7 more exploits
Timeline
- Jun 6, 2022 CVE Published
- Jun 7, 2022 EPSS Score
- Jul 26, 2022 EPSS Score
- Sep 13, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 5, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 25, 2023 EPSS Score
- May 12, 2023 EPSS Score
- Jun 30, 2023 EPSS Score
- Oct 4, 2023 EPSS Score
- Nov 22, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-1312.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-1312 advisory
- https://access.redhat.com/errata/RHSA-2022:6351 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-September/012328.html advisory
- https://access.redhat.com/errata/RHSA-2022:6681 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-September/012327.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-September/012329.html advisory
- https://access.redhat.com/errata/RHSA-2022:6890 advisory
- https://alas.aws.amazon.com/AL2/ALASDOCKER-2022-020.html advisory
- https://alas.aws.amazon.com/AL2/ALAS-2022-1863.html advisory
- https://alas.aws.amazon.com/AL2/ALAS-2022-1861.html advisory
- https://alas.aws.amazon.com/AL2/ALAS-2022-1858.html advisory
- https://alas.aws.amazon.com/AL2/ALAS-2022-1860.html advisory
- https://alas.aws.amazon.com/AL2/ALAS-2022-1865.html advisory
- https://alas.aws.amazon.com/AL2/ALAS-2022-1864.html advisory
- https://alas.aws.amazon.com/AL2/ALAS-2022-1862.html advisory
- https://access.redhat.com/errata/RHSA-2022:8609 advisory
- https://access.redhat.com/errata/RHSA-2023:0814 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-April/014584.html advisory
- https://access.redhat.com/errata/RHSA-2023:3229 advisory
…and 7 more