VDB
CVE-2022-23452
CVE-2022-23452
PUBLISHED
Es existiert eine Schwachstelle in Red Hat OpenStack. Der Fehler besteht aufgrund einer falschen Autorisierung in openstack-barbican. Ein entfernter, authentisierter Angreifer mit bestimmten Rechten kann diese Schwachstelle ausnutzen, um geschützte Ressourcen zu verbrauchen und einen Denial-of-Service-Zustand auszulösen.
EPSS 0.44% · 63.7th percentile
Risk Scores
EPSS Score
0.44%
63.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SUSE | SUSE Linux | |
| Red Hat | Red Hat Enterprise Linux | |
| Debian | Debian Linux |
Exploit Intelligence
- https://bugzilla.redhat.com/show_bug.cgi?id=2025090 (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=2022908 (circl)
- https://storyboard.openstack.org/#%21/story/2009297 (circl)
- https://review.opendev.org/c/openstack/barbican/+/814200 (circl)
- https://access.redhat.com/security/cve/CVE-2022-23452 (circl)
Timeline
- Jun 22, 2022 CVE Published
- Sep 2, 2022 EPSS Score
- Oct 17, 2022 EPSS Score
- Dec 2, 2022 EPSS Score
- Dec 7, 2022 CVE Updated
- Jan 16, 2023 EPSS Score
- Mar 3, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 17, 2023 EPSS Score
- Jun 1, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Aug 31, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0439.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0439 advisory
- https://access.redhat.com/errata/RHSA-2022:8874 advisory
- https://access.redhat.com/errata/RHSA-2022:8869 advisory
- https://access.redhat.com/errata/RHSA-2022:5114 advisory
- https://access.redhat.com/errata/RHSA-2022:5115 advisory
- https://access.redhat.com/errata/RHSA-2022:5116 advisory
- https://access.redhat.com/errata/RHSA-2022:5498 advisory
- https://access.redhat.com/errata/RHSA-2022:5602 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-September/012331.html advisory
- https://lists.suse.com/pipermail/sle-security-updates/2022-September/012332.html advisory
- https://lists.debian.org/debian-security-announce/2022/msg00223.html advisory