CVE-2022-21950

🗓️ 07 Sep 2022 08:40:10Reported by suseType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 64 Views

Improper Access Control vulnerability in systemd service of cana in openSUSE Backports SLE-15-SP3, openSUSE Backports SLE-15-SP4 allows local users to hijack UNIX domain socket

Reporter	Title	Published	Views	Family All 17
ATTACKERKB	CVE-2022-21950	4 Aug 202200:00	–	attackerkb
CNNVD	canna 访问控制错误漏洞	16 Aug 202200:00	–	cnnvd
Cvelist	CVE-2022-21950 canna: unsafe handling of /tmp/.iroha_unix directory	7 Sep 202208:40	–	cvelist
EUVD	EUVD-2022-27106	3 Oct 202520:07	–	euvd
Mageia	Updated canna packages fix security vulnerability	25 Aug 202221:21	–	mageia
NVD	CVE-2022-21950	7 Sep 202209:15	–	nvd
Tenable Nessus	openSUSE 15 Security Update : canna (openSUSE-SU-2022:10091-1)	18 Aug 202200:00	–	nessus
OPENSUSE Linux	Security update for canna (important)	16 Aug 202200:00	–	opensuse
OPENSUSE Linux	Security update for canna (important)	16 Aug 202200:00	–	opensuse
OpenVAS	openSUSE: Security Advisory for canna (openSUSE-SU-2022:10091-1)	4 Mar 202400:00	–	openvas

NVD

Node

opensuse cannaRange<3.7p3-bp153.2.3.1

AND

opensuse backports_sleMatch15.0sp3

Node

opensuse cannaRange<3.7p3-bp154.3.3.1

AND

opensuse backports_sleMatch15.0sp4

Node

opensuse cannaMatch3.7p3

AND

opensuse factoryMatch-

suse linux_enterpriseMatch12.0

[
  {
    "vendor": "openSUSE",
    "product": "openSUSE Backports SLE-15-SP3",
    "versions": [
      {
        "version": "canna",
        "status": "affected",
        "lessThan": "canna-3.7p3-bp153.2.3.1",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "openSUSE",
    "product": "openSUSE Backports SLE-15-SP4",
    "versions": [
      {
        "version": "canna",
        "status": "affected",
        "lessThan": "3.7p3-bp154.3.3.1",
        "versionType": "custom"
      }
    ]
  }
]