Lucene search
RedhatCVELIST:CVE-2022-23451HistorySep 06, 2022 - 5:18 p.m.
CVE-2022-23451
2022-09-0617:18:52
CWE-863
redhat
www.cve.org
3
openstack-barbican
authorization flaw
secret metadata
unauthorized modification
denial of service
protected resources
An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete protected data, causing a denial of service by consuming protected resources.
CNA Affected
[
{
"product": "openstack/barbican",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in v14.0.0"
}
]
}
]Related
veracode
veracode
Privilege Escalation
2022-07-06 00:43:27
nvd
nvd
CVE-2022-23451
2022-09-06 18:15:10
osv
osv
CVE-2022-23451
2022-09-06 18:15:10
Barbican authorization flaw before v14.0.0
2022-09-07 00:01:53
barbican vulnerabilities
2022-04-25 16:19:10
debiancve
debiancve
CVE-2022-23451
2022-09-06 18:15:10
prion
prion
Authorization
2022-09-06 18:15:00
redhatcve
redhatcve
CVE-2022-23451
2022-01-19 16:04:13
github
github
Barbican authorization flaw before v14.0.0
2022-09-07 00:01:53
ubuntucve
ubuntucve
CVE-2022-23451
2022-01-28 00:00:00
cve
cve
CVE-2022-23451
2022-09-06 18:15:10
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : Barbican vulnerabilities (USN-5387-1)
2022-04-25 00:00:00
redhat
redhat
openvas
openvas
Ubuntu: Security Advisory (USN-5387-1)
2022-04-26 00:00:00
ubuntu
ubuntu
Barbican vulnerabilities
2022-04-25 00:00:00