Showing 1 - 3 of 3

CVE-2022-23451

Status Candidate

Overview

An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete protected data, causing a denial of service by consuming protected resources.

Related Files

Red Hat Security Advisory 2022-8874-01: Posted Dec 8, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-8874-01 - An update for openstack-barbican is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-23451, CVE-2022-23452; SHA-256 | 324e69619082a3d0a6cbc2bb71c98b422761dab1cdb107bfa376bb3466847dab; Download | Favorite | View

Red Hat Security Advisory 2022-5114-01: Posted Jun 23, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5114-01 - Barbican is a ReST API designed for the secure storage, provisioning and management of secrets, including in OpenStack environments.; tags | advisory; systems | linux, redhat; advisories | CVE-2022-23451, CVE-2022-23452; SHA-256 | 1c9367820875f1eed9f70b636f2485623e4c0e32e95b736976474193f48db9a7; Download | Favorite | View

Ubuntu Security Notice USN-5387-1: Posted Apr 26, 2022; Site security.ubuntu.com; Ubuntu Security Notice 5387-1 - Douglas Mendizábal discovered that Barbican incorrectly handled access restrictions. An authenticated attacker could possibly use this issue to consume protected resources and possibly cause a denial of service.; advisories | CVE-2022-23451; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 300 files
Ubuntu 63 files
Debian 20 files
LiquidWorm 19 files
Apple 9 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files
nu11secur1ty 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,928)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,326)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,981)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2022-23451

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems