DATABASE RESOURCES PRICING ABOUT US

{"id": "ELSA-2022-9853", "vendorId": null, "type": "oraclelinux", "bulletinFamily": "unix", "title": "kubernetes security update", "description": "kubernetes\n[1.21.14-2]\n- Fixed kubernetes-cni version.\n[1.21.14-1]\n- Addresses CVE-2022-3172\nolcne\n[1.4.8-2]\n- Updated Kubernetes package release version to 1.21.6-2\n[1.4.8-1]\n- Upgraded kubernetes-1.21.6 to 1.21.14\n- Resolve Kubernetes CVE-2022-3172 for version 1.21\n[1.4.7-1]\n- Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045\n[1.4.6-2]\n- Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over\n- Update gen-certs-helper script to skip printing olcne_transfer_script execution\n- Cleanup grpc connection when node not found and use substr method in case fqdn used for hostname\n[1.4.6-1]\n- Adress Istio CVE-2022-31045, CVE-2022-29225, CVE-2022-29224,CVE-2022-29226,CVE-2022-29228,CVE-2022-29227\n[1.4.5-1]\n- Address qemu CVE-2022-26353, CVE-2021-3748\n[1.4.4-1]\n- Excluded unnecessary directories from k8s backup files\n[1.4.3-1]\n- Update Istio to 1.13.2\n[1.4.2-1]\n- Added 1.4 extra images to registry-image-helper.sh script\n[1.4.1-4]\n- Ensure that the order of items in an upgraded config file is stable with respect to the original file\n- Ensure that old olcnectl config files are upgraded\n[1.4.1-3]\n- Fixed a bug where specifying a port in the container-registry argument\n to the Kubernetes module would result in pods not being able to start.\n[1.4.1-2]\n- Allow loadbalancer to be configured regardless of security list mode\n[1.4.1-1]\n- Fix bug in initialising certs manager when environment name not mentioned\n[1.4.0-3]\n- Fix bug in fetching report for multi-environment\n[1.4.0-2]\n- Pause image is 3.4.1\n[1.4.0-1]\n- CSI plugin\n- Reports feature\n- Kubernetes-1.20.6 to Kubernetes-1.21.6 upgrade\n- Istio-1.9.4 to Istio-1.11.4 upgrade\n- Component upgrades\n- Config file feature\n[1.3.0-13]\n- Fix iptables issue when running on OL7 host using OL8 image\n[1.3.0-12]\n- Address CVE's ISTIO-SECURITY-2021-003, ISTIO-SECURITY-2021-005, ISTIO-SECURITY-2021-006, ISTIO-SECURITY-2021-007\n[1.3.0-11]\n- Fixed yaml file to stop olcne-nginx and keepalived services at uninstall [Orabug: 32296282]\n[1.3.0-10]\n- Fixed missing double semicolon in registry image helper\n[1.3.0-9]", "published": "2022-10-05T00:00:00", "modified": "2022-10-05T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "http://linux.oracle.com/errata/ELSA-2022-9853.html", "reporter": "OracleLinux", "references": [], "cvelist": ["CVE-2022-3172"], "immutableFields": [], "lastseen": "2022-10-05T22:49:02", "viewCount": 8, "enchantments": {"dependencies": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2022-3172"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2022-9855.NASL", "ORACLELINUX_ELSA-2022-9856.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-9855", "ELSA-2022-9856"]}, {"type": "redhatcve", "idList": ["RH:CVE-2022-3172"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2022-3172"]}]}, "score": {"value": -0.5, "vector": "NONE"}, "vulnersScore": -0.5}, "_state": {"dependencies": 1665010149, "score": 1665010224}, "_internal": {"score_hash": "de43688faf599df5092444b86e839dd7"}, "affectedPackage": [{"OS": "oracle linux", "OSVersion": "7", "arch": "src", "packageVersion": "1.21.14-2.el7", "packageFilename": "kubernetes-1.21.14-2.el7.src.rpm", "operator": "lt", "packageName": "kubernetes"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "src", "packageVersion": "1.4.8-2.el7", "packageFilename": "olcne-1.4.8-2.el7.src.rpm", "operator": "lt", "packageName": "olcne"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "x86_64", "packageVersion": "1.21.14-2.el7", "packageFilename": "kubeadm-1.21.14-2.el7.x86_64.rpm", "operator": "lt", "packageName": "kubeadm"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "x86_64", "packageVersion": "1.21.14-2.el7", "packageFilename": "kubectl-1.21.14-2.el7.x86_64.rpm", "operator": "lt", "packageName": "kubectl"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "x86_64", "packageVersion": "1.21.14-2.el7", "packageFilename": "kubelet-1.21.14-2.el7.x86_64.rpm", "operator": "lt", "packageName": "kubelet"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "x86_64", "packageVersion": "1.4.8-2.el7", "packageFilename": "olcne-agent-1.4.8-2.el7.x86_64.rpm", "operator": "lt", "packageName": "olcne-agent"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "x86_64", "packageVersion": "1.4.8-2.el7", "packageFilename": "olcne-api-server-1.4.8-2.el7.x86_64.rpm", "operator": "lt", "packageName": "olcne-api-server"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "x86_64", "packageVersion": "1.4.8-2.el7", "packageFilename": "olcne-gluster-chart-1.4.8-2.el7.x86_64.rpm", "operator": "lt", "packageName": "olcne-gluster-chart"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "x86_64", "packageVersion": "1.4.8-2.el7", "packageFilename": "olcne-grafana-chart-1.4.8-2.el7.x86_64.rpm", "operator": "lt", "packageName": "olcne-grafana-chart"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "x86_64", "packageVersion": "1.4.8-2.el7", "packageFilename": "olcne-istio-chart-1.4.8-2.el7.x86_64.rpm", "operator": "lt", "packageName": "olcne-istio-chart"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "x86_64", "packageVersion": "1.4.8-2.el7", "packageFilename": "olcne-nginx-1.4.8-2.el7.x86_64.rpm", "operator": "lt", "packageName": "olcne-nginx"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "x86_64", "packageVersion": "1.4.8-2.el7", "packageFilename": "olcne-oci-csi-chart-1.4.8-2.el7.x86_64.rpm", "operator": "lt", "packageName": "olcne-oci-csi-chart"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "x86_64", "packageVersion": "1.4.8-2.el7", "packageFilename": "olcne-olm-chart-1.4.8-2.el7.x86_64.rpm", "operator": "lt", "packageName": "olcne-olm-chart"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "x86_64", "packageVersion": "1.4.8-2.el7", "packageFilename": "olcne-prometheus-chart-1.4.8-2.el7.x86_64.rpm", "operator": "lt", "packageName": "olcne-prometheus-chart"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "x86_64", "packageVersion": "1.4.8-2.el7", "packageFilename": "olcne-utils-1.4.8-2.el7.x86_64.rpm", "operator": "lt", "packageName": "olcne-utils"}, {"OS": "oracle linux", "OSVersion": "7", "arch": "x86_64", "packageVersion": "1.4.8-2.el7", "packageFilename": "olcnectl-1.4.8-2.el7.x86_64.rpm", "operator": "lt", "packageName": "olcnectl"}]}

{"nessus": [{"lastseen": "2023-01-10T19:31:48", "description": "The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9855 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-03T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : kubernetes (ELSA-2022-9855)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3172"], "modified": "2022-10-03T00:00:00", "cpe": ["cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-agent:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-api-server:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-nginx:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-utils:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcnectl:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:kubeadm:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:kubectl:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:kubelet:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-istio-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-prometheus-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-grafana-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-olm-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-gluster-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-metallb-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-oci-ccm-chart:*:*:*:*:*:*:*"], "id": "ORACLELINUX_ELSA-2022-9855.NASL", "href": "https://www.tenable.com/plugins/nessus/165639", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9855.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165639);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/03\");\n\n script_cve_id(\"CVE-2022-3172\");\n\n script_name(english:\"Oracle Linux 7 : kubernetes (ELSA-2022-9855)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-9855 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9855.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3172\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kubeadm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kubectl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kubelet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-api-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-gluster-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-grafana-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-istio-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-metallb-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-oci-ccm-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-olm-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-prometheus-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcnectl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar pkgs = [\n {'reference':'kubeadm-1.22.14-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kubeadm-1.22.14'},\n {'reference':'kubeadm-1.23.11-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kubeadm-1.23.11'},\n {'reference':'kubectl-1.22.14-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kubectl-1.22.14'},\n {'reference':'kubectl-1.23.11-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kubectl-1.23.11'},\n {'reference':'kubelet-1.22.14-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kubelet-1.22.14'},\n {'reference':'kubelet-1.23.11-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kubelet-1.23.11'},\n {'reference':'olcne-agent-1.5.6-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-api-server-1.5.6-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-gluster-chart-1.5.6-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-grafana-chart-1.5.6-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-istio-chart-1.5.6-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-metallb-chart-1.5.6-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-nginx-1.5.6-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-oci-ccm-chart-1.5.6-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-olm-chart-1.5.6-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-prometheus-chart-1.5.6-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-utils-1.5.6-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcnectl-1.5.6-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kubeadm / kubectl / kubelet / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:31:06", "description": "The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9853 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-05T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : kubernetes (ELSA-2022-9853)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3172"], "modified": "2022-10-05T00:00:00", "cpe": ["cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-agent:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-api-server:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-nginx:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-utils:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcnectl:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:kubeadm:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:kubectl:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:kubelet:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-istio-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-prometheus-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-grafana-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-olm-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-gluster-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-oci-csi-chart:*:*:*:*:*:*:*"], "id": "ORACLELINUX_ELSA-2022-9853.NASL", "href": "https://www.tenable.com/plugins/nessus/165711", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9853.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165711);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/05\");\n\n script_cve_id(\"CVE-2022-3172\");\n\n script_name(english:\"Oracle Linux 7 : kubernetes (ELSA-2022-9853)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-9853 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9853.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3172\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kubeadm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kubectl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kubelet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-api-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-gluster-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-grafana-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-istio-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-oci-csi-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-olm-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-prometheus-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcnectl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar pkgs = [\n {'reference':'kubeadm-1.21.14-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kubectl-1.21.14-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kubelet-1.21.14-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-agent-1.4.8-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-api-server-1.4.8-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-gluster-chart-1.4.8-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-grafana-chart-1.4.8-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-istio-chart-1.4.8-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-nginx-1.4.8-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-oci-csi-chart-1.4.8-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-olm-chart-1.4.8-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-prometheus-chart-1.4.8-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-utils-1.4.8-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcnectl-1.4.8-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kubeadm / kubectl / kubelet / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:32:22", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9856 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-03T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : kubernetes (ELSA-2022-9856)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3172"], "modified": "2022-10-03T00:00:00", "cpe": ["cpe:2.3:o:oracle:linux:8:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-agent:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-api-server:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-nginx:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-utils:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcnectl:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:kubeadm:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:kubectl:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:kubelet:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-istio-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-prometheus-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-grafana-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-olm-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-gluster-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-metallb-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-oci-ccm-chart:*:*:*:*:*:*:*"], "id": "ORACLELINUX_ELSA-2022-9856.NASL", "href": "https://www.tenable.com/plugins/nessus/165638", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9856.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165638);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/03\");\n\n script_cve_id(\"CVE-2022-3172\");\n\n script_name(english:\"Oracle Linux 8 : kubernetes (ELSA-2022-9856)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-9856 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9856.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3172\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kubeadm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kubectl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kubelet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-api-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-gluster-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-grafana-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-istio-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-metallb-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-oci-ccm-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-olm-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-prometheus-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcnectl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar pkgs = [\n {'reference':'kubeadm-1.22.14-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kubeadm-1.22.14'},\n {'reference':'kubeadm-1.23.11-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kubeadm-1.23.11'},\n {'reference':'kubectl-1.22.14-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kubectl-1.22.14'},\n {'reference':'kubectl-1.23.11-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kubectl-1.23.11'},\n {'reference':'kubelet-1.22.14-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kubelet-1.22.14'},\n {'reference':'kubelet-1.23.11-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kubelet-1.23.11'},\n {'reference':'olcne-agent-1.5.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-api-server-1.5.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-gluster-chart-1.5.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-grafana-chart-1.5.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-istio-chart-1.5.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-metallb-chart-1.5.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-nginx-1.5.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-oci-ccm-chart-1.5.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-olm-chart-1.5.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-prometheus-chart-1.5.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-utils-1.5.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcnectl-1.5.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kubeadm / kubectl / kubelet / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-10T19:32:25", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9854 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-05T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : kubernetes (ELSA-2022-9854)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3172"], "modified": "2022-10-05T00:00:00", "cpe": ["cpe:2.3:o:oracle:linux:8:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-agent:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-api-server:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-nginx:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-utils:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcnectl:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:kubeadm:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:kubectl:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:kubelet:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-istio-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-prometheus-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-grafana-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-olm-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-gluster-chart:*:*:*:*:*:*:*", "p-cpe:2.3:a:oracle:linux:olcne-oci-csi-chart:*:*:*:*:*:*:*"], "id": "ORACLELINUX_ELSA-2022-9854.NASL", "href": "https://www.tenable.com/plugins/nessus/165712", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9854.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165712);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/05\");\n\n script_cve_id(\"CVE-2022-3172\");\n\n script_name(english:\"Oracle Linux 8 : kubernetes (ELSA-2022-9854)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-9854 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9854.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3172\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kubeadm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kubectl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kubelet\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-api-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-gluster-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-grafana-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-istio-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-oci-csi-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-olm-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-prometheus-chart\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcne-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:olcnectl\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar pkgs = [\n {'reference':'kubeadm-1.21.14-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kubectl-1.21.14-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kubelet-1.21.14-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-agent-1.4.8-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-api-server-1.4.8-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-gluster-chart-1.4.8-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-grafana-chart-1.4.8-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-istio-chart-1.4.8-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-nginx-1.4.8-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-oci-csi-chart-1.4.8-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-olm-chart-1.4.8-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-prometheus-chart-1.4.8-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcne-utils-1.4.8-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'olcnectl-1.4.8-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kubeadm / kubectl / kubelet / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "ibm": [{"lastseen": "2022-10-25T21:29:43", "description": "## Summary\n\nKubernetes kube-apiserver is used by IBM Robotic Process Automation for Cloud Pak as part of base container images. (CVE-2022-3172)\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-3172](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3172>) \n** DESCRIPTION: **Kubernetes kube-apiserver is vulnerable to server-side request forgery, caused by a flaw with allowing an aggregated API server to redirect client traffic to any URL. By sending a specially-crafted request, an attacker could exploit this vulnerability to conduct SSRF attack to unexpected actions and the client's API server credentials to third parties. \nCVSS Base score: 5.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236344](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236344>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Robotic Process Automation for Cloud Pak| &lt; 21.0.6 \n \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now.**\n\n**Product(s)**| **Version(s) number and/or range **| **Remediation/Fix/Instructions** \n---|---|--- \nIBM Robotic Process Automation for Cloud Pak| &lt; 21.0.6| Update to 21.0.6 or higher using the following [instructions](<https://www.ibm.com/docs/en/rpa/21.0?topic=upgrading-rpa-openshift-container-platform> \"\" ). \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n24 Oct 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSC50T\",\"label\":\"IBM Robotic Process Automation\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF040\",\"label\":\"RedHat OpenShift\"}],\"Version\":\"21.0.1, 21.0.2, 21.0.3, 21.0.4, 21.0.5\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {}, "published": "2022-10-25T19:54:07", "type": "ibm", "title": "Security Bulletin: IBM Robotic Process Automation for Cloud Pak may be vulnerable to server-side forgery requests due to Kubernetes kube-apiserver (CVE-2022-3172)", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-3172"], "modified": "2022-10-25T19:54:07", "id": "DA3BD6A322362DB9EA27EC83500FF79BD7885DE3B762AEB3DA4AF9DAA3256D91", "href": "https://www.ibm.com/support/pages/node/6831897", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-19T21:29:00", "description": "## Summary\n\nThere are multiple vulnerabilities in components of IBM i Modernization Engine for Lifecycle Integration as described in the Vulnerability Details section. FasterXML jackson-databind, Keycloak, and SnakeYAML are vulnerable to a denial of service (CVE-2022-25857, CVE-2022-38751, CVE-2022-38752, CVE-2021-3754, CVE-2022-42003, CVE-2022-42004). Keycloak is vulnerable to cross-site scripting (CVE-2022-2256). Kubernetes kube-apiserver is vulnerable to server-side request forgery (CVE-2022-3172). VMware Tanzu Spring Security could allow a remote attacker to bypass security restrictions. These components are used in IBM i Modernization Engine for Lifecycle Integration for infrastructure support in the platform. IBM has addressed the vulnerabilities in IBM i Modernization Engine for Lifecycle Integration with updates to affected components.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-25857](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25857>) \n** DESCRIPTION: **Java package org.yaml:snakeyam is vulnerable to a denial of service, caused by missing to nested depth limitation for collections. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/234864](<https://exchange.xforce.ibmcloud.com/vulnerabilities/234864>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-38751](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38751>) \n** DESCRIPTION: **SnakeYAML is vulnerable to a denial of service, caused by a stack-overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235311](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235311>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-38752](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38752>) \n** DESCRIPTION: **SnakeYAML is vulnerable to a denial of service, caused by a stack-overflow in parsing YAML files. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235310](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235310>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-31692](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31692>) \n** DESCRIPTION: **VMware Tanzu Spring Security could allow a remote attacker to bypass security restrictions, caused by a flaw when using forward or include dispatcher types. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass authorization rules. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/239162](<https://exchange.xforce.ibmcloud.com/vulnerabilities/239162>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-3754](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3754>) \n** DESCRIPTION: **Keycloak is vulnerable to a denial of service, caused by a flaw with the ability to register using the same username as the email ID of any existing user. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause trouble in getting password recovery email, and results in a denial of service condition. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235009](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235009>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-2256](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2256>) \n** DESCRIPTION: **Keycloak is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 3.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235228](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235228>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-3172](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3172>) \n** DESCRIPTION: **Kubernetes kube-apiserver is vulnerable to server-side request forgery, caused by a flaw with allowing an aggregated API server to redirect client traffic to any URL. By sending a specially-crafted request, an attacker could exploit this vulnerability to conduct SSRF attack to unexpected actions and the client's API server credentials to third parties. \nCVSS Base score: 5.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236344](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236344>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2022-42003](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in the primitive value deserializers when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled. By sending a specially-crafted request using deep wrapper array nesting, a local attacker could exploit this vulnerability to exhaust all available resources. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/237662](<https://exchange.xforce.ibmcloud.com/vulnerabilities/237662>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-42004](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004>) \n** DESCRIPTION: **FasterXML jackson-databind is vulnerable to a denial of service, caused by a lack of a check in in the BeanDeserializer._deserializeFromArray function. By sending a specially-crafted request using deeply nested arrays, a local attacker could exploit this vulnerability to exhaust all available resources. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/237660](<https://exchange.xforce.ibmcloud.com/vulnerabilities/237660>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM i Modernization Engine for Lifecycle Integration| 1.0 \n \n\n\n## Remediation/Fixes\n\nAffected Product(s)| Version(s)| Remediation/Fix/Instructions \n---|---|--- \nIBM i Modernization Engine for Lifecycle Integration| 1.0| Follow [instructions](<https://www.ibm.com/docs/en/merlin/1.0?topic=guide-upgrade-merlin-platform-tools>) to download and install v1.4.0 \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n19 Dec 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Product\":{\"code\":\"SSBNRA\",\"label\":\"IBM i Modernization Engine for Lifecycle Integration\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF012\",\"label\":\"IBM i\"}],\"Version\":\"All\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB57\",\"label\":\"Power\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-12-19T15:35:34", "type": "ibm", "title": "Security Bulletin: IBM i Modernization Engine for Lifecycle Integration is vulnerable to multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2021-3754", "CVE-2022-2256", "CVE-2022-25857", "CVE-2022-31692", "CVE-2022-3172", "CVE-2022-38751", "CVE-2022-38752", "CVE-2022-42003", "CVE-2022-42004"], "modified": "2022-12-19T15:35:34", "id": "AE8B23AD6B0062B13D1E5F5D2B9C3DE6F734845A554B1AED12CCABFC9651716D", "href": "https://www.ibm.com/support/pages/node/6848879", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-12-14T21:31:24", "description": "## Summary\n\nIBM has released the below fix for IBM Db2\u00ae on Cloud Pak for Data and Db2 Warehouse\u00ae on Cloud Pak for Data in response to multiple vulnerabilities found in multiple components.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2016-1000023](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000023>) \n** DESCRIPTION: **Minimatch is vulnerable to a denial of service, caused by a regular expression of minimatch.js. By using a specially crafted glob pattern, a remote attacker could exploit this vulnerability to cause the application to consume an overly large amount of CPU resources \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118817](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118817>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-41296](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41296>) \n** DESCRIPTION: **IBM Db2U is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/237210](<https://exchange.xforce.ibmcloud.com/vulnerabilities/237210>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-21303](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21303>) \n** DESCRIPTION: **Helm could allow a local authenticated attacker to bypass security restrictions, caused by the failure to sanitized multiple fields in various .yaml files. By sending a specially-crafted request, an attacker could exploit this vulnerability to send deceptive, obscure or alter information to a terminal screen. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196392](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196392>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2022-36055](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36055>) \n** DESCRIPTION: **Helm is vulnerable to a denial of service, caused by a flaw in the strvals package. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause memory panics, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235100](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235100>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-32690](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32690>) \n** DESCRIPTION: **Helm could allow a remote attacker to obtain sensitive information, caused by improper validation of user-supplied input by the index.yaml file. By gaining access to the chart archives, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-3172](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3172>) \n** DESCRIPTION: **Kubernetes kube-apiserver is vulnerable to server-side request forgery, caused by a flaw with allowing an aggregated API server to redirect client traffic to any URL. By sending a specially-crafted request, an attacker could exploit this vulnerability to conduct SSRF attack to unexpected actions and the client's API server credentials to third parties. \nCVSS Base score: 5.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236344](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236344>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2022-29526](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526>) \n** DESCRIPTION: **Golang Go could allow a remote attacker to obtain sensitive information, caused by a flaw in the Faccessat function when called with a non-zero flags parameter. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain accessible file information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2022-30633](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30633>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Unmarshal in encoding/xml due to stack exhaustion. By parsing a specially-crafted XML document, a remote attacker could exploit this vulnerability to cause a panic. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/233146](<https://exchange.xforce.ibmcloud.com/vulnerabilities/233146>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-28131](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28131>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in Decoder.Skip in encoding/xml due to stack exhaustion. By parsing a specially-crafted XML document, a remote attacker could exploit this vulnerability to cause a panic. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/233141](<https://exchange.xforce.ibmcloud.com/vulnerabilities/233141>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27664](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw in net/http. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a closing HTTP/2 server connection to hang, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235355](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235355>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-41297](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41297>) \n** DESCRIPTION: **IBM Db2U is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/237212](<https://exchange.xforce.ibmcloud.com/vulnerabilities/237212>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) \n \n** IBM X-Force ID: **221551 \n** DESCRIPTION: **Helm could allow a remote authenticated attacker to obtain sensitive information, caused by repository credentials being passed to alternate domain. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/221551 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAll platforms of the following IBM\u00ae Db2\u00ae on Cloud Pak for Data and Db2 Warehouse\u00ae on Cloud Pak for Data refresh levels are affected:\n\nRelease| Version \n---|--- \nIBM\u00ae Db2\u00ae on Cloud Pak for Data and Db2 Warehouse\u00ae on Cloud Pak for Data| \n\nv3.5 through refresh 10 \nv4.0 through refresh 9 \nv4.5 through refresh 3 \n \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading to the latest IBM Db2\u00ae on Cloud Pak for Data and Db2 Warehouse\u00ae on Cloud Pak for Data release containing the fix for these issues. It can be applied to any affected fixpack and refresh level of the appropriate release. \nProduct| Fixed in Fix Pack| Instructions \n---|---|--- \nIBM\u00ae Db2\u00ae on Cloud Pak for Data and Db2 Warehouse\u00ae on Cloud Pak for Data| v4.6 | \n\n[Db2 Warehouse: https://www.ibm.com/docs/en/cloud-paks/cp-data/4.5.x?topic=warehouse-upgrading](<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.5.x?topic=warehouse-upgrading>)\n\n \n[Db2: https://www.ibm.com/docs/en/cloud-paks/cp-data/4.5.x?topic=db2-upgrading](<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.5.x?topic=db2-upgrading>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n30 Nov 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSC8M7\",\"label\":\"IBM Db2 Advanced Edition Cartridge for IBM Cloud Pak for Data\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}},{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSSAIKN\",\"label\":\"IBM Db2 Warehouse Cartridge for IBM Cloud Pak for Data\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"All\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-11-30T23:02:42", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities affect IBM Db2\u00ae on Cloud Pak for Data and Db2 Warehouse\u00ae on Cloud Pak for Data", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1000023", "CVE-2021-21303", "CVE-2021-32690", "CVE-2022-27664", "CVE-2022-28131", "CVE-2022-29526", "CVE-2022-30633", "CVE-2022-3172", "CVE-2022-36055", "CVE-2022-41296", "CVE-2022-41297"], "modified": "2022-11-30T23:02:42", "id": "6994DB9FF8EDDCBEB06E15718DA8FA8CDAE33F0D45671CA89D2EEFBFC761C838", "href": "https://www.ibm.com/support/pages/node/6843071", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-12-22T21:29:58", "description": "## Summary\n\nIn addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.3-IF015 and 22.0.1-IF005. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-41735](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41735>) \n** DESCRIPTION: **IBM Business Process Manager 21.0.1 through 21.0.3.1, 20.0.0.1 through 20.0.0.2 19.0.0.1 through 19.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 65687. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/237809](<https://exchange.xforce.ibmcloud.com/vulnerabilities/237809>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-40156](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40156>) \n** DESCRIPTION: **XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending a specially-crafted XML data, a remote authenticated attacker could exploit this vulnerability to causes the parser to crash, and results in a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236359](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236359>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-40151](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40151>) \n** DESCRIPTION: **XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending a specially-crafted XML data, a remote authenticated attacker could exploit this vulnerability to causes the parser to crash, and results in a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236354](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236354>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-40155](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40155>) \n** DESCRIPTION: **XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending a specially-crafted XML data, a remote authenticated attacker could exploit this vulnerability to causes the parser to crash, and results in a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236358](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236358>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-40153](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40153>) \n** DESCRIPTION: **XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending a specially-crafted XML data, a remote authenticated attacker could exploit this vulnerability to causes the parser to crash, and results in a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236356](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236356>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-40154](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40154>) \n** DESCRIPTION: **XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending a specially-crafted XML data, a remote authenticated attacker could exploit this vulnerability to causes the parser to crash, and results in a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236357](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236357>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-40152](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40152>) \n** DESCRIPTION: **XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow. By sending a specially-crafted XML data, a remote authenticated attacker could exploit this vulnerability to causes the parser to crash, and results in a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236355](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236355>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27191](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27191>) \n** DESCRIPTION: **Go ssh package is vulnerable to a denial of service, caused by an unspecified flaw in certain circumstances involving AddHostKey. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222162](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222162>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-35256](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35256>) \n** DESCRIPTION: **Node.js is vulnerable to HTTP request smuggling, caused by the failure to correctly handle header fields that are not terminated with CLRF by the llhttp parser in the http module. A remote attacker could send a specially-crafted request to lead to HTTP Request Smuggling (HRS). An attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236964](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236964>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-3172](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3172>) \n** DESCRIPTION: **Kubernetes kube-apiserver is vulnerable to server-side request forgery, caused by a flaw with allowing an aggregated API server to redirect client traffic to any URL. By sending a specially-crafted request, an attacker could exploit this vulnerability to conduct SSRF attack to unexpected actions and the client's API server credentials to third parties. \nCVSS Base score: 5.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236344](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236344>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2022-37734](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37734>) \n** DESCRIPTION: **GraphQL Java is vulnerable to a denial of service, caused by an uncontrolled resource consumption flaw. By sending a specially-crafted request using Directive overloading, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235781](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235781>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-29526](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526>) \n** DESCRIPTION: **Golang Go could allow a remote attacker to obtain sensitive information, caused by a flaw in the Faccessat function when called with a non-zero flags parameter. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain accessible file information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2022-24303](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24303>) \n** DESCRIPTION: **Pillow could allow a remote attacker to delete arbitrary files from the system, caused by mishandling spaces in temporary pathnames. By sending a specially-crafted request, an attacker could exploit this vulnerability to delete arbitrary files from the system. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222731](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222731>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2022-22817](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22817>) \n** DESCRIPTION: **Pillow could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in PIL.ImageMath.eva. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216864](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216864>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-35255](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35255>) \n** DESCRIPTION: **Node.js could provide weaker than expected security, caused by the failure to check the return value after calls are made to EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236965](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236965>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-34141](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34141>) \n** DESCRIPTION: **NumPy is vulnerable to a denial of service, caused by incomplete string comparison in the numpy.core component. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to fail the APIs. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215944](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215944>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-22815](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22815>) \n** DESCRIPTION: **Pillow could provide weaker than expected security, caused by improper initialization in ImagePath.Path in path_getbbox in path.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216866](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216866>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2022-22816](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22816>) \n** DESCRIPTION: **Pillow could provide weaker than expected security, caused by a buffer over-read during initialization of ImagePath.Path in path_getbbox in path.c. By sending a specilly-crafted request, an attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216865](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216865>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2022-38390](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38390>) \n** DESCRIPTION: **Multiple IBM Business Automation Workflow versions are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 233978. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/233978](<https://exchange.xforce.ibmcloud.com/vulnerabilities/233978>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-21618](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21618>) \n** DESCRIPTION: **Java SE could allow a remote attacker to bypass security restrictions, caused by an error in the JGSS component. By sending a specially-crafted request, an attacker could exploit this vulnerability using Kerberos to update, insert or delete access to some of Java SE accessible data. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/238642](<https://exchange.xforce.ibmcloud.com/vulnerabilities/238642>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-21619](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21619>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to update, insert or delete data resulting in a low integrity impact using unknown attack vectors. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/238698](<https://exchange.xforce.ibmcloud.com/vulnerabilities/238698>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-21624](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21624>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to update, insert or delete data resulting in a low integrity impact using unknown attack vectors. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/238699](<https://exchange.xforce.ibmcloud.com/vulnerabilities/238699>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-21626](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21626>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/238689](<https://exchange.xforce.ibmcloud.com/vulnerabilities/238689>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-21628](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21628>) \n** DESCRIPTION: **Java SE is vulnerable to a denial of service, caused by a flaw in the Lightweight HTTP Server. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/238623](<https://exchange.xforce.ibmcloud.com/vulnerabilities/238623>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-39399](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39399>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Security component could allow an unauthenticated attacker to update, insert or delete data resulting in a low integrity impact using unknown attack vectors. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/238700](<https://exchange.xforce.ibmcloud.com/vulnerabilities/238700>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-46669](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46669>) \n** DESCRIPTION: **Mariadb is vulnerable to a denial of service, caused by a use-after-free flaw in the convert_const_to_int function. By sending a specially-crafted request using the BIGINT data type, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/218913](<https://exchange.xforce.ibmcloud.com/vulnerabilities/218913>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27376](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27376>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a use-after-free flaw in the component Item_args::walk_arg. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224238](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224238>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27377](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27377>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a use-after-free flaw in the component Item_func_in::cleanup(). By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224240](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224240>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27378](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27378>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a flaw in the component Create_tmp_table::finalize. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224241](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224241>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27379](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27379>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a flaw in the component Arg_comparator::compare_real_fixed. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224242](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224242>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27380](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27380>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a use-after-free flaw in the component my_decimal::operator=. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224243](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224243>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27381](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27381>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a flaw in the component Field::set_default. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224244](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224244>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27382](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27382>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a flaw in the component Item_field::used_tables/update_depend_map_for_order. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a segmentation fault. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224245](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224245>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27383](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27383>) \n** DESCRIPTION: **Mariadb Server is vulnerable to a denial of service, caused by a use-after-free flaw in the component my_strcasecmp_8bit. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224248](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224248>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27384](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27384>) \n** DESCRIPTION: **Mariadb Server is vulnerable to a denial of service, caused by a flaw in the component Item_subselect::init_expr_cache_tracker. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224250](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224250>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27385](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27385>) \n** DESCRIPTION: **Mariadb Server is vulnerable to a denial of service, caused by a flaw in the component Used_tables_and_const_cache::used_tables_and_const_cache_join. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224251](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224251>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27386](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27386>) \n** DESCRIPTION: **Mariadb Server is vulnerable to a denial of service, caused by a flaw in the component sql/sql_class.cc. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a segmentation fault. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224252](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224252>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27387](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27387>) \n** DESCRIPTION: **Mariadb Server is vulnerable to a denial of service, caused by a global buffer overflow in the component decimal_bin_size. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224253](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224253>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27444](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27444>) \n** DESCRIPTION: **Mariadb Server is vulnerable to a denial of service, caused by a flaw in the component sql/item_subselect.cc. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a segmentation fault, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224339](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224339>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27445](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27445>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a flaw in the component sql/sql_window.cc. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a segmentation fault, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224341](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224341>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27446](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27446>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a flaw in the component sql/item_cmpfunc.h. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a segmentation fault, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224342](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224342>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27447](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27447>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a use-after-free flaw in the component Binary_string::free_buffer() at /sql/sql_string.h. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224343](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224343>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27448](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27448>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by an assertion failure in \"node-&gt;pcur-&gt;rel_pos == BTR_PCUR_ON\" at /row/row0mysql.cc. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a segmentation fault, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224344](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224344>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27449](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27449>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a flaw in the component sql/item_func.cc. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a segmentation fault, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224345](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224345>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27451](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27451>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a flaw in the component sql/field_conv.cc. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a segmentation fault, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224346](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224346>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27452](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27452>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a flaw in the component sql/item_cmpfunc.cc. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a segmentation fault, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224347](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224347>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27455](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27455>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a use-after-free flaw in the component my_wildcmp_8bit_impl at /strings/ctype-simple.c. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224348](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224348>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27456](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27456>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a use-after-free flaw in the component VDec::VDec at /sql/sql_type.cc. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27457](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27457>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a use-after-free flaw in the component my_mb_wc_latin1 at /strings/ctype-latin1.c. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27458](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27458>) \n** DESCRIPTION: **MariaDB Server is vulnerable to a denial of service, caused by a use-after-free flaw in the component Binary_string::free_buffer() at /sql/sql_string.h. By sending specially-crafted SQL statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224351](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224351>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-34917](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34917>) \n** DESCRIPTION: **Apache Kafka is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to allocate large amounts of memory on brokers, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236498](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236498>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s)| Status \n---|---|--- \n \nIBM Cloud Pak for Business Automation\n\n| V22.0.1 - V22.0.1-IF004| affected \nIBM Cloud Pak for Business Automation| V21.0.3 - V21.0.3-IF014| affected \nIBM Cloud Pak for Business Automation| \n\nV21.0.2 - V21.0.2-IF012 and later fixes \nV21.0.1 - V21.0.1-IF007 and later fixes \nV20.0.1 - V20.0.3 and later fixes \nV19.0.1 - V19.0.3 and later fixes \nV18.0.0 - V18.0.2 and later fixes\n\n| affected \n \n## Remediation/Fixes\n\nAny open source library may be included in one or more sub-components of IBM Cloud Pak for Business Automation. Open source updates are not always synchronized across all components. The CVE in this bulletin are specifically addressed by\n\nCVE ID| Addressed in component \n---|--- \nCVE-2022-35255, CVE-2022-35256| All Node.js based images \nCVE-2022-40151, CVE-2022-40152, CVE-2022-40153, CVE-2022-40154, CVE-2022-40155, CVE-2022-40156| Business Automation Navigator Component \nCVE-2022-38390, CVE-2022-41735| Business Automation Studio Component \nCVE-2021-34141, CVE-2022-22815, CVE-2022-22816, CVE-2022-22817, CVE-2022-24303, CVE-2022-34917, CVE-2022-21618, CVE-2022-21619, CVE-2022-21624, CVE-2022-21626, CVE-2022-21628, CVE-2022-39399, CVE-2022-41735| Business Automation Workflow / Workflow Process Service \nCVE-2021-46669, CVE-2022-27376, CVE-2022-27377, CVE-2022-27378, CVE-2022-27379, CVE-2022-27380, CVE-2022-27381, CVE-2022-27382, CVE-2022-27383, CVE-2022-27384, CVE-2022-27385, CVE-2022-27386, CVE-2022-27387, CVE-2022-27444, CVE-2022-27445, CVE-2022-27446, CVE-2022-27447, CVE-2022-27448, CVE-2022-27449, CVE-2022-27451, CVE-2022-27452, CVE-2022-27455, CVE-2022-27456, CVE-2022-27457, CVE-2022-27458| Images related to Starter Pattern \nCVE-2022-27191, CVE-2022-29526, CVE-2022-3172, CVE-2022-37734| User Management Service Component / Business Teams Service \n \nAffected Product(s)| Version(s)| Remediation / Fix \n---|---|--- \nIBM Cloud Pak for Business Automation| V22.0.1 - V22.0.1-IF004| Apply security fix [22.0.1-IF005](<https://www.ibm.com/support/pages/node/6834144> \"22.0.1-IF005\" ) \nIBM Cloud Pak for Business Automation| V21.0.3 - V21.0.3-IF014| Apply security fix [21.0.3-IF015](<https://www.ibm.com/support/pages/node/6834152> \"21.0.3-IF015\" ) or upgrade to [22.0.1-IF005](<https://www.ibm.com/support/pages/node/6834144> \"22.0.1-IF005\" ) \nIBM Cloud Pak for Business Automation| V21.0.1 - V21.0.1-IF008 \nV20.0.1 - V20.0.3 \nV19.0.1 - V19.0.3 \nV18.0.0 - V18.0.2| Upgrade to [21.0.3-IF015](<https://www.ibm.com/support/pages/node/6834152> \"21.0.3-IF015\" ) or [22.0.1-IF005](<https://www.ibm.com/support/pages/node/6834144> \"22.0.1-IF005\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Acknowledgement\n\nThe vulnerability was reported to IBM by Man Shum, https://www.linkedin.com/in/man-shum/., Sujay Kumar\n\n## Change History\n\n22 Dec 2022: Updated CVE list \n15 Dec 2022: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSBYVB\",\"label\":\"IBM Cloud Pak for Business Automation\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"18.0.0, 18.0.1,18.0.2,19.0.1,19.0.2,19.0.3,20.0.1,20.0.2,20.0.3,21.0.1,21.0.2,21.0.3,22.0.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}},{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SS2JQC\",\"label\":\"IBM Cloud Pak for Automation\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF025\",\"label\":\"Platform Independent\"}],\"Version\":\"18.0.0, 18.0.1,18.0.2,19.0.1,19.0.2,19.0.3,20.0.1,20.0.2,20.0.3,21.0.1,21.0.2,21.0.3,22.0.1\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB45\",\"label\":\"Automation\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-12-22T18:13:14", "type": "ibm", "title": "Security Bulletin: Security vulnerability is addressed with IBM Cloud Pak for Business Automation iFixes for November 2022", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-34141", "CVE-2021-46669", "CVE-2022-21618", "CVE-2022-21619", "CVE-2022-21624", "CVE-2022-21626", "CVE-2022-21628", "CVE-2022-22815", "CVE-2022-22816", "CVE-2022-22817", "CVE-2022-24303", "CVE-2022-27191", "CVE-2022-27376", "CVE-2022-27377", "CVE-2022-27378", "CVE-2022-27379", "CVE-2022-27380", "CVE-2022-27381", "CVE-2022-27382", "CVE-2022-27383", "CVE-2022-27384", "CVE-2022-27385", "CVE-2022-27386", "CVE-2022-27387", "CVE-2022-27444", "CVE-2022-27445", "CVE-2022-27446", "CVE-2022-27447", "CVE-2022-27448", "CVE-2022-27449", "CVE-2022-27451", "CVE-2022-27452", "CVE-2022-27455", "CVE-2022-27456", "CVE-2022-27457", "CVE-2022-27458", "CVE-2022-29526", "CVE-2022-3172", "CVE-2022-34917", "CVE-2022-35255", "CVE-2022-35256", "CVE-2022-37734", "CVE-2022-38390", "CVE-2022-39399", "CVE-2022-40151", "CVE-2022-40152", "CVE-2022-40153", "CVE-2022-40154", "CVE-2022-40155", "CVE-2022-40156", "CVE-2022-41735"], "modified": "2022-12-22T18:13:14", "id": "5BE52962678849208DBB78075A36D8D5B485DEC707628BB3A9D37D4AA01BC678", "href": "https://www.ibm.com/support/pages/node/6848295", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2022-10-03T18:44:38", "description": "kubernetes\n[1.22.14-1]\n- Added Oracle specific build files for Kubernetes\nkubernetes\n[1.23.11-1]\n- Added Oracle specific build files for Kubernetes\nolcne\n[1.5.6-1]\n- Upgraded kubernetes-1.23.7 to 1.23.11, 1.22.8 to 1.22.14 and 1.21.6 to 1.21.14\n- Resolve Kubernetes CVE-2022-3172 for version 1.21\n- Resolve Kubernetes CVE-2022-3172 for version 1.22\n- Resolve Kubernetes CVE-2022-3172 for version 1.23\n[1.5.5-1]\n- Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045\n[1.5.4-3]\n- Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over\n[1.5.4-2]\n- Istio CVE-2022-31045, CVE-2022-29225, CVE-2022-29224,CVE-2022-29226,CVE-2022-29228,CVE-2022-29227\n[1.5.4-1]\n- Upgrade Kubernetes to 1.23.7\n[1.5.3-1]\n- Address qemu CVE-2022-26353, CVE-2021-3748\n[1.5.2-1]\n- Excluded unnecessary directories from k8s backup files\n[1.5.1-1]\n- Fixed the bug in fetching node metadata for non-cloud nodes\n[1.5.0-2]\n- Upgrade Helm to 3.7.1-2\n[1.5.0-2]\n- fix null pointer exception in systemd service state validation\n[1.5.0-1]\n- Introduce support for compact Kubernetes clusters\n- Introduce MetalLB\n- Introduce Oracle Cloud Infrastructure Cloud Controller Manager\n- Improved log messages in Platform API Server and Platform Agent\n- Upgrade Kubernetes to 1.22.8\n- Upgrade Istio to 1.13.2\n- Renamed the oci-csi module to oci-ccm\n[1.5.0-20.alpha]\n- Update istio-1.13.2 grafana to 7.5.15\n[1.5.0-14.alpha]\n- Metallb fix\n[1.5.0-11.alpha]\n- Remove module directories when olcne rpm is uninstalled\n[1.5.0-10.alpha]\n- OCI CCM 0.13.0\n[1.5.0-9.alpha]\n- Reworked log messages\n[1.5.0-8.alpha]\n- Update Istio to 1.13.2(prometheus-2.31.1, grafana-8.4.6)\n[1.5.0-7.alpha]\n- Update Istio to 1.12.6(prometheus-2.30.1, grafana-7.5.15)\n[1.5.0-6.alpha]\n- Update to k8s 1.22 with golang 1.17\n[1.5.0-5.alpha]\n- Update internal docs for oci-ccm module\n[1.5.0-4.alpha]\n- Extend oci-ccm module to support load balancer\n[1.5.0-3.alpha]\n- Firewall pre-req\n[1.5.0-2.alpha]\n- Ensure that config map settings needed by metallb is preserved during k8s upgrade\n[1.5.0-1.alpha]\n- Metallb module\n[1.4.1-14]\n- Added 1.4 extra images to registry-image-helper.sh script\n[1.4.1-13]\n- Update sudoers file and changed its permissions to '0440'\n[1.4.1-12]\n- Update olcne-kubernetes.md file for 'compact' flag\n[1.4.1-11]\n- Ensure that the order of items in an upgraded config file is stable with respect to the original file\n[1.4.1-10]\n- Ensure that old olcnectl config files are upgraded\n[1.4.1-9]\n- Rename oci-csi module to oci-ccm and add support for oci-ccm loadbalancer creation\n[1.4.1-8]\n- Make 'compact' flag updatable\n[1.4.1-7]\n- Introduce 'compact' that enables control-plane nodes to run any workloads\n[1.4.1-6]\n- Ability to label 1 or more kubernetes nodes\n[1.4.1-5]\n- Fixed a bug where specifying a port in the container-registry argument\n to the Kubernetes module would result in pods not being able to start.\n[1.4.1-4]\n- Update helm to 3.7.1\n[1.4.1-3]\n- Update versions to Istio-1.12.2, prometheus-2.31.1 and grafana-7.5.11\n[1.4.1-2]\n- Allow loadbalancer to be configured regardless of security list mode\n[1.4.0-4]\n- Fix bug in initialising certs manager when environment name not mentioned\n[1.4.0-3]\n- Fix bug in fetching report for multi-environment\n[1.4.0-2]\n- Pause image is 3.4.1\n[1.4.0-1]\n- CSI plugin\n- Reports feature\n- Kubernetes-1.20.6 to Kubernetes-1.21.6 upgrade\n- Istio-1.9.4 to Istio-1.11.4 upgrade\n- Component upgrades\n- Config file feature\n[1.3.0-13]\n- Fix iptables issue when running on OL7 host using OL8 image\n[1.3.0-12]\n- Address CVE's ISTIO-SECURITY-2021-003, ISTIO-SECURITY-2021-005, ISTIO-SECURITY-2021-006, ISTIO-SECURITY-2021-007\n[1.3.0-11]\n- Fixed yaml file to stop olcne-nginx and keepalived services at uninstall [Orabug: 32296282]\n[1.3.0-10]\n- Fixed missing double semicolon in registry image helper\n[1.3.0-9]", "cvss3": {}, "published": "2022-10-03T00:00:00", "type": "oraclelinux", "title": "kubernetes security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-3172"], "modified": "2022-10-03T00:00:00", "id": "ELSA-2022-9856", "href": "http://linux.oracle.com/errata/ELSA-2022-9856.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-05T22:49:03", "description": "kubernetes\n[1.21.14-2]\n- Fixed kubernetes-cni version.\n[1.21.14-1]\n- Addresses CVE-2022-3172\nolcne\n[1.4.8-2]\n- Updated Kubernetes package release version to 1.21.6-2\n[1.4.8-1]\n- Upgraded kubernetes-1.21.6 to 1.21.14\n- Resolve Kubernetes CVE-2022-3172 for version 1.21\n[1.4.7-1]\n- Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045\n[1.4.6-2]\n- Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over\n- Update gen-certs-helper script to skip printing olcne_transfer_script execution\n- Cleanup grpc connection when node not found and use substr method in case fqdn used for hostname\n[1.4.6-1]\n- Adress Istio CVE-2022-31045, CVE-2022-29225, CVE-2022-29224,CVE-2022-29226,CVE-2022-29228,CVE-2022-29227\n[1.4.5-1]\n- Address qemu CVE-2022-26353, CVE-2021-3748\n[1.4.4-1]\n- Excluded unnecessary directories from k8s backup files\n[1.4.3-1]\n- Update Istio to 1.13.2\n[1.4.2-1]\n- Added 1.4 extra images to registry-image-helper.sh script\n[1.4.1-4]\n- Ensure that the order of items in an upgraded config file is stable with respect to the original file\n- Ensure that old olcnectl config files are upgraded\n[1.4.1-3]\n- Fixed a bug where specifying a port in the container-registry argument\n to the Kubernetes module would result in pods not being able to start.\n[1.4.1-2]\n- Allow loadbalancer to be configured regardless of security list mode\n[1.4.1-1]\n- Fix bug in initialising certs manager when environment name not mentioned\n[1.4.0-3]\n- Fix bug in fetching report for multi-environment\n[1.4.0-2]\n- Pause image is 3.4.1\n[1.4.0-1]\n- CSI plugin\n- Reports feature\n- Kubernetes-1.20.6 to Kubernetes-1.21.6 upgrade\n- Istio-1.9.4 to Istio-1.11.4 upgrade\n- Component upgrades\n- Config file feature\n[1.3.0-13]\n- Fix iptables issue when running on OL7 host using OL8 image\n[1.3.0-12]\n- Address CVE's ISTIO-SECURITY-2021-003, ISTIO-SECURITY-2021-005, ISTIO-SECURITY-2021-006, ISTIO-SECURITY-2021-007\n[1.3.0-11]\n- Fixed yaml file to stop olcne-nginx and keepalived services at uninstall [Orabug: 32296282]\n[1.3.0-10]\n- Fixed missing double semicolon in registry image helper\n[1.3.0-9]", "cvss3": {}, "published": "2022-10-05T00:00:00", "type": "oraclelinux", "title": "kubernetes security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-3172"], "modified": "2022-10-05T00:00:00", "id": "ELSA-2022-9854", "href": "http://linux.oracle.com/errata/ELSA-2022-9854.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-10-03T16:44:35", "description": "kubernetes\n[1.22.14-1]\n- Added Oracle specific build files for Kubernetes\nkubernetes\n[1.23.11-1]\n- Added Oracle specific build files for Kubernetes\nolcne\n[1.5.6-1]\n- Upgraded kubernetes-1.23.7 to 1.23.11, 1.22.8 to 1.22.14 and 1.21.6 to 1.21.14\n- Resolve Kubernetes CVE-2022-3172 for version 1.21\n- Resolve Kubernetes CVE-2022-3172 for version 1.22\n- Resolve Kubernetes CVE-2022-3172 for version 1.23\n[1.5.5-1]\n- Upgrade Istio from 1.13.5 to 1.13.7 to resolve the CVE-2022-31045\n[1.5.4-3]\n- Fix bug in gen-certs-helper script to change permission of node.key to allow opc user to copy over\n[1.5.4-2]\n- Istio CVE-2022-31045, CVE-2022-29225, CVE-2022-29224,CVE-2022-29226,CVE-2022-29228,CVE-2022-29227\n[1.5.4-1]\n- Upgrade Kubernetes to 1.23.7\n[1.5.3-1]\n- Address qemu CVE-2022-26353, CVE-2021-3748\n[1.5.2-1]\n- Excluded unnecessary directories from k8s backup files\n[1.5.1-1]\n- Fixed the bug in fetching node metadata for non-cloud nodes\n[1.5.0-2]\n- Upgrade Helm to 3.7.1-2\n[1.5.0-2]\n- fix null pointer exception in systemd service state validation\n[1.5.0-1]\n- Introduce support for compact Kubernetes clusters\n- Introduce MetalLB\n- Introduce Oracle Cloud Infrastructure Cloud Controller Manager\n- Improved log messages in Platform API Server and Platform Agent\n- Upgrade Kubernetes to 1.22.8\n- Upgrade Istio to 1.13.2\n- Renamed the oci-csi module to oci-ccm\n[1.5.0-20.alpha]\n- Update istio-1.13.2 grafana to 7.5.15\n[1.5.0-14.alpha]\n- Metallb fix\n[1.5.0-11.alpha]\n- Remove module directories when olcne rpm is uninstalled\n[1.5.0-10.alpha]\n- OCI CCM 0.13.0\n[1.5.0-9.alpha]\n- Reworked log messages\n[1.5.0-8.alpha]\n- Update Istio to 1.13.2(prometheus-2.31.1, grafana-8.4.6)\n[1.5.0-7.alpha]\n- Update Istio to 1.12.6(prometheus-2.30.1, grafana-7.5.15)\n[1.5.0-6.alpha]\n- Update to k8s 1.22 with golang 1.17\n[1.5.0-5.alpha]\n- Update internal docs for oci-ccm module\n[1.5.0-4.alpha]\n- Extend oci-ccm module to support load balancer\n[1.5.0-3.alpha]\n- Firewall pre-req\n[1.5.0-2.alpha]\n- Ensure that config map settings needed by metallb is preserved during k8s upgrade\n[1.5.0-1.alpha]\n- Metallb module\n[1.4.1-14]\n- Added 1.4 extra images to registry-image-helper.sh script\n[1.4.1-13]\n- Update sudoers file and changed its permissions to '0440'\n[1.4.1-12]\n- Update olcne-kubernetes.md file for 'compact' flag\n[1.4.1-11]\n- Ensure that the order of items in an upgraded config file is stable with respect to the original file\n[1.4.1-10]\n- Ensure that old olcnectl config files are upgraded\n[1.4.1-9]\n- Rename oci-csi module to oci-ccm and add support for oci-ccm loadbalancer creation\n[1.4.1-8]\n- Make 'compact' flag updatable\n[1.4.1-7]\n- Introduce 'compact' that enables control-plane nodes to run any workloads\n[1.4.1-6]\n- Ability to label 1 or more kubernetes nodes\n[1.4.1-5]\n- Fixed a bug where specifying a port in the container-registry argument\n to the Kubernetes module would result in pods not being able to start.\n[1.4.1-4]\n- Update helm to 3.7.1\n[1.4.1-3]\n- Update versions to Istio-1.12.2, prometheus-2.31.1 and grafana-7.5.11\n[1.4.1-2]\n- Allow loadbalancer to be configured regardless of security list mode\n[1.4.0-4]\n- Fix bug in initialising certs manager when environment name not mentioned\n[1.4.0-3]\n- Fix bug in fetching report for multi-environment\n[1.4.0-2]\n- Pause image is 3.4.1\n[1.4.0-1]\n- CSI plugin\n- Reports feature\n- Kubernetes-1.20.6 to Kubernetes-1.21.6 upgrade\n- Istio-1.9.4 to Istio-1.11.4 upgrade\n- Component upgrades\n- Config file feature\n[1.3.0-13]\n- Fix iptables issue when running on OL7 host using OL8 image\n[1.3.0-12]\n- Address CVE's ISTIO-SECURITY-2021-003, ISTIO-SECURITY-2021-005, ISTIO-SECURITY-2021-006, ISTIO-SECURITY-2021-007\n[1.3.0-11]\n- Fixed yaml file to stop olcne-nginx and keepalived services at uninstall [Orabug: 32296282]\n[1.3.0-10]\n- Fixed missing double semicolon in registry image helper\n[1.3.0-9]", "cvss3": {}, "published": "2022-10-03T00:00:00", "type": "oraclelinux", "title": "kubernetes security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-3172"], "modified": "2022-10-03T00:00:00", "id": "ELSA-2022-9855", "href": "http://linux.oracle.com/errata/ELSA-2022-9855.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhatcve": [{"lastseen": "2023-02-01T08:07:37", "description": "A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This issue leads to the client performing unexpected actions and forwarding the client's API server credentials to third parties.\n", "cvss3": {}, "published": "2022-09-19T05:43:26", "type": "redhatcve", "title": "CVE-2022-3172", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-3172"], "modified": "2023-02-01T06:35:17", "id": "RH:CVE-2022-3172", "href": "https://access.redhat.com/security/cve/cve-2022-3172", "cvss": {"score": 0.0, "vector": "NONE"}}], "debiancve": [{"lastseen": "2022-10-03T18:12:20", "description": "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", "cvss3": {}, "published": "2022-10-03T16:44:37", "type": "debiancve", "title": "CVE-2022-3172", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-3172"], "modified": "2022-10-03T16:44:37", "id": "DEBIANCVE:CVE-2022-3172", "href": "https://security-tracker.debian.org/tracker/CVE-2022-3172", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntucve": [{"lastseen": "2022-10-26T13:09:51", "description": "[Unknown description]\n\n#### Notes\n\nAuthor| Note \n---|--- \n[leosilva](<https://launchpad.net/~leosilva>) | kubernates is in fact a kubernetes installer that calls snap, not the package it self.\n", "cvss3": {}, "published": "2022-09-26T00:00:00", "type": "ubuntucve", "title": "CVE-2022-3172", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-3172"], "modified": "2022-09-26T00:00:00", "id": "UB:CVE-2022-3172", "href": "https://ubuntu.com/security/CVE-2022-3172", "cvss": {"score": 0.0, "vector": "NONE"}}], "hackerone": [{"lastseen": "2023-02-03T02:24:13", "bounty": 1000.0, "description": "Report Submission Form\n\n## Summary:\nThis report uses metrics-server as example, but it should be applicable to any aggregated api server.\n\nWhen metrics-server is hijacked, either by modifying the container image directly or by running another pods using the same label selector in kube-system namespace, and is returning 30X redirect, the clients calling the metrics api will follow the redirect.\n\nIt could be a serious issue in managed Kubernetes offerings such as Azure Kubernetes Service (AKS) where clients from managed components may be redirected to call the internal endpoints.\n\nNote: my coworker, Nicolas Joly, found the issue and reported my team (AKS)\n\n## Kubernetes Version:\nall k8s versions on AKS. I believe it's the same in other cloud providers.\n\n## Component Version:\nn/a\n\n## Steps To Reproduce:\n* Attached main.go is a very simple redirection api server. I've built the docker image on weinong/go-redirect.\n* update and deploy `go-redirect.yaml` with your endpoint to capture the redirected traffic in kube-system namespace. It uses the same pod label selector as metrics-server does\n* you should be able to observe redirected traffic from the control plane components \n\n## Supporting Material/References:\nSample output being logged in the web server capturing redirected traffic:\n```\n2022/04/16 00:30:13 src IP: 20.51.80.40:4096\nGET / HTTP/1.1\nHost: 20.85.59.5\nAccept: application/json, */*\nAccept-Encoding: gzip\nAuthorization: Bearer <omitted>\nUser-Agent: azurepolicyaddon/v0.0.0 (linux/amd64) kubernetes/$Format\n\nGET / HTTP/1.1\nHost: 20.85.59.5\nAccept: application/vnd.kubernetes.protobuf, */*\nAuthorization: Bearer <omitted>\nUser-Agent: kube-controller-manager/v1.17.13 (linux/amd64) kubernetes/f4a8e76/system:serviceaccount:kube-system:generic-garbage-collector\n\n2022/04/16 00:34:37 src IP: 20.69.190.88:21504\nGET / HTTP/1.1\nHost: 20.85.59.5\nAccept: application/json, */*\nAccept-Encoding: gzip\nAuthorization: Bearer <omitted>\nUser-Agent: cpmonitor/v0.0.0 (linux/amd64) kubernetes/$Format\n```\n\n * [attachment / reference]\n\n## Impact\n\n* Bearer token may be logged in the logging system in those internal backend \n* Potentially, they may be logged by kube-controller-manager or kubernetes api-server at certain verbose level (not verified)\n* Redirected traffic may hit external/internal endpoints for spamming which would look originating from the cloud providers", "cvss3": {}, "published": "2022-04-19T01:33:58", "type": "hackerone", "title": "Kubernetes: SSRF vulnerability can be exploited when a hijacked aggregated api server such as metrics-server returns 30X", "bulletinFamily": "bugbounty", "cvss2": {}, "cvelist": ["CVE-2022-3172"], "modified": "2022-12-10T18:45:00", "id": "H1:1544133", "href": "https://hackerone.com/reports/1544133", "cvss": {"score": 0.0, "vector": "NONE"}}], "veracode": [{"lastseen": "2023-02-03T06:43:30", "description": "openshift is vulnerable to Open Redirect. The vulnerability exists in the `kube-apiserver`, which allows an aggregated API server to redirect client traffic to any URL. This issue leads to the client performing unexpected actions and forwarding the client's API server credentials to third parties. \n", "cvss3": {}, "published": "2023-01-31T00:45:56", "type": "veracode", "title": "Open Redirect", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-3172"], "modified": "2023-01-31T03:10:22", "id": "VERACODE:39057", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-39057/summary", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhat": [{"lastseen": "2023-01-25T14:43:43", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.0. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2022:7399\n\nSecurity Fix(es):\n\n* go-yaml: Denial of Service in go-yaml (CVE-2021-4235)\n* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)\n* kubernetes: Unauthorized read of Custom Resources (CVE-2022-3162)\n* kube-apiserver: Aggregated API server can cause clients to be redirected (SSRF) (CVE-2022-3172)\n* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)\n* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\n* cri-o: incorrect handling of the supplementary groups (CVE-2022-2995)\n* OpenShift: Missing HTTP Strict Transport Security (CVE-2022-3259)\n* cri-o: Security regression of CVE-2022-27652 (CVE-2022-3466)\n* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.12/updating/updating-cluster-cli.html", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-17T14:27:50", "type": "redhat", "title": "(RHSA-2022:7398) Moderate: OpenShift Container Platform 4.12.0 packages and security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-4235", "CVE-2022-27652", "CVE-2022-27664", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-2995", "CVE-2022-30631", "CVE-2022-3162", "CVE-2022-3172", "CVE-2022-32148", "CVE-2022-32189", "CVE-2022-32190", "CVE-2022-3259", "CVE-2022-3466", "CVE-2022-41715"], "modified": "2023-01-25T13:50:36", "id": "RHSA-2022:7398", "href": "https://access.redhat.com/errata/RHSA-2022:7398", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-17T20:11:07", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.12.0. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHSA-2022:7398\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.12/release_notes/ocp-4-12-release-notes.html\n\nSecurity Fix(es):\n\n* golang: out-of-bounds read in golang.org/x/text/language leads to DoS\n(CVE-2021-38561)\n* golang: net/http: improper sanitization of Transfer-Encoding header\n(CVE-2022-1705)\n* golang: archive/tar: unbounded memory consumption when reading headers\n(CVE-2022-2879)\n* golang: net/http/httputil: ReverseProxy should not forward unparseable\nquery parameters (CVE-2022-2880)\n* prometheus/client_golang: Denial of service using\nInstrumentHandlerCounter (CVE-2022-21698)\n* golang: net/http/httputil: NewSingleHostReverseProxy - omit\nX-Forwarded-For not working (CVE-2022-32148)\n* golang: net/url: JoinPath does not strip relative path components in all\ncircumstances (CVE-2022-32190)\n* vault: insufficient certificate revocation list checking (CVE-2022-41316)\n* golang: regexp/syntax: limit memory used by parsing regexps\n(CVE-2022-41715)\n* openshift: etcd grpc-proxy vulnerable to The Birthday attack against 64-bit block cipher (CVE-2023-0296)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s)\nlisted in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-17T19:33:50", "type": "redhat", "title": "(RHSA-2022:7399) Moderate: OpenShift Container Platform 4.12.0 bug fix and security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-22570", "CVE-2021-38561", "CVE-2021-4235", "CVE-2022-1705", "CVE-2022-21698", "CVE-2022-24302", "CVE-2022-27664", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-2995", "CVE-2022-30631", "CVE-2022-3162", "CVE-2022-3172", "CVE-2022-32148", "CVE-2022-32189", "CVE-2022-32190", "CVE-2022-3259", "CVE-2022-3466", "CVE-2022-41316", "CVE-2022-41715", "CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012", "CVE-2022-42898", "CVE-2023-0296"], "modified": "2023-01-17T19:34:38", "id": "RHSA-2022:7399", "href": "https://access.redhat.com/errata/RHSA-2022:7399", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}