CVE-2022-1632

2022-09-0121:15:08

Google

osv.dev

openshift

certificate validation

attack

route

destinationcacertificate

service tls

confidentiality

software

6.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.6%

JSON

An Improper Certificate Validation attack was found in Openshift. A re-encrypt Route with destinationCACertificate explicitly set to the default serviceCA skips internal Service TLS certificate validation. This flaw allows an attacker to exploit an invalid certificate, resulting in a loss of confidentiality.

CPENameOperatorVersion
haproxyeq1.9-dev5
haproxyeq1.2.6-pre4
haproxyeq1.4.6
haproxyeq1.2.5-pre3
haproxyeq1.1.6
haproxyeq1.5-dev21
haproxyeq1.3.2
haproxyeq1.4-dev0
haproxyeq1.5-dev14
haproxyeq1.2.5-pre2

Name	Operator	Version
haproxy	eq	1.9-dev5
haproxy	eq	1.2.6-pre4
haproxy	eq	1.4.6
haproxy	eq	1.2.5-pre3
haproxy	eq	1.1.6
haproxy	eq	1.5-dev21
haproxy	eq	1.3.2
haproxy	eq	1.4-dev0
haproxy	eq	1.5-dev14
haproxy	eq	1.2.5-pre2