Lucene search
Redhat.comRH:CVE-2022-23452HistoryJan 19, 2022 - 4:04 p.m.
CVE-2022-23452
2022-01-1916:04:14
redhat.com
access.redhat.com
77
openstack-barbican
authorization flaw
admin role
different project
denial of service
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
50.3%
An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protected resources and cause a denial of service.
Related
prion
prion
Authorization
2022-09-01 21:15:00
veracode
veracode
Authorization Bypass
2022-07-06 00:43:30
cvelist
cvelist
CVE-2022-23452
2022-09-01 20:57:45
ubuntucve
ubuntucve
CVE-2022-23452
2022-01-28 00:00:00
osv
osv
openstack-barbican Denial of Service vulnerability
2022-09-02 00:01:02
CVE-2022-23452
2022-09-01 21:15:09
barbican vulnerabilities
2022-04-25 16:19:10
nvd
nvd
CVE-2022-23452
2022-09-01 21:15:09
debiancve
debiancve
CVE-2022-23452
2022-09-01 21:15:09
github
github
openstack-barbican Denial of Service vulnerability
2022-09-02 00:01:02
cve
cve
CVE-2022-23452
2022-09-01 21:15:09
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : Barbican vulnerabilities (USN-5387-1)
2022-04-25 00:00:00
ubuntu
ubuntu
Barbican vulnerabilities
2022-04-25 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5387-1)
2022-04-26 00:00:00
redhat
redhat
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
50.3%
Related for RH:CVE-2022-23452