Lucene search
Veracode Vulnerability DatabaseVERACODE:36260HistoryJul 06, 2022 - 12:43 a.m.
Privilege Escalation
2022-07-0600:43:27
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
openstack-barbican
vulnerability
privilege escalation
metadata manipulation
software
EPSS
0.001
Percentile
46.9%
openstack-barbican is vulnerable to privilege escalation. The vulnerability exists because the library allows authenticated users to add, delete or modify arbitrary metadata on any secret.
References
access.redhat.com/errata/RHSA-2022:5114
access.redhat.com/errata/RHSA-2022:8874
access.redhat.com/security/cve/CVE-2022-23451
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=2022878
bugzilla.redhat.com/show_bug.cgi?id=2025089
review.opendev.org/c/openstack/barbican/+/811236
storyboard.openstack.org/#!/story/2009253
storyboard.openstack.org/#%21/story/2009253
Related
nvd
nvd
CVE-2022-23451
2022-09-06 18:15:10
osv
osv
CVE-2022-23451
2022-09-06 18:15:10
Barbican authorization flaw before v14.0.0
2022-09-07 00:01:53
barbican vulnerabilities
2022-04-25 16:19:10
debiancve
debiancve
CVE-2022-23451
2022-09-06 18:15:10
prion
prion
Authorization
2022-09-06 18:15:00
redhatcve
redhatcve
CVE-2022-23451
2022-01-19 16:04:13
github
github
Barbican authorization flaw before v14.0.0
2022-09-07 00:01:53
cvelist
cvelist
CVE-2022-23451
2022-09-06 17:18:52
ubuntucve
ubuntucve
CVE-2022-23451
2022-01-28 00:00:00
cve
cve
CVE-2022-23451
2022-09-06 18:15:10
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : Barbican vulnerabilities (USN-5387-1)
2022-04-25 00:00:00
redhat
redhat
openvas
openvas
Ubuntu: Security Advisory (USN-5387-1)
2022-04-26 00:00:00
ubuntu
ubuntu
Barbican vulnerabilities
2022-04-25 00:00:00