barbican - security update

2022-10-04T00:00:00

Description

Douglas Mendizabal discovered that Barbican, the OpenStack Key Management Service, incorrectly parsed requests which could allow an authenticated user to bypass Barbican access policies. For the stable distribution (bullseye), this problem has been fixed in version 1:11.0.0-3+deb11u1. We recommend that you upgrade your barbican packages. For the detailed security status of barbican please refer to its security tracker page at: [\ https://security-tracker.debian.org/tracker/barbican](https://security-tracker.debian.org/tracker/barbican)

Affected Software

CPE Name	Name	Version
	barbican	1:11.0.0-3

{"id": "OSV:DSA-5247-1", "bulletinFamily": "software", "title": "barbican - security update", "description": "\nDouglas Mendizabal discovered that Barbican, the OpenStack Key Management\nService, incorrectly parsed requests which could allow an authenticated\nuser to bypass Barbican access policies.\n\n\nFor the stable distribution (bullseye), this problem has been fixed in\nversion 1:11.0.0-3+deb11u1.\n\n\nWe recommend that you upgrade your barbican packages.\n\n\nFor the detailed security status of barbican please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/barbican](https://security-tracker.debian.org/tracker/barbican)\n\n\n", "published": "2022-10-04T00:00:00", "modified": "2022-10-05T00:08:31", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://osv.dev/vulnerability/DSA-5247-1", "reporter": "Google", "references": ["https://www.debian.org/security/2022/dsa-5247"], "cvelist": ["CVE-2022-3100"], "immutableFields": [], "type": "osv", "lastseen": "2022-10-05T00:08:34", "edition": 1, "viewCount": 2, "enchantments": {"dependencies": {"references": [{"idList": ["RH:CVE-2022-3100"], "type": "redhatcve"}, {"idList": ["OSV:DLA-3136-1"], "type": "osv"}, {"idList": ["DEBIANCVE:CVE-2022-3100"], "type": "debiancve"}, {"idList": ["RHSA-2022:6750"], "type": "redhat"}, {"idList": ["DEBIAN:DLA-3136-1:516CC"], "type": "debian"}, {"idList": ["REDHAT-RHSA-2022-6750.NASL"], "type": "nessus"}, {"idList": ["UB:CVE-2022-3100"], "type": "ubuntucve"}]}, "score": {"value": 2.1, "vector": "NONE"}, "epss": [{"cve": "CVE-2022-3100", "epss": "0.000490000", "percentile": "0.152400000", "modified": "2023-03-20"}], "vulnersScore": 2.1}, "_state": {"dependencies": 1664928820, "score": 1664928901, "affected_software_major_version": 1666703109, "epss": 1679338714}, "_internal": {"score_hash": "1c7230fe28515e053814c182ffa01067"}, "affectedSoftware": [{"name": "barbican", "operator": "eq", "version": "1:11.0.0-3"}]}

{"debiancve": [{"lastseen": "2023-02-03T06:04:05", "description": "A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2023-01-18T17:15:00", "type": "debiancve", "title": "CVE-2022-3100", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-3100"], "modified": "2023-01-18T17:15:00", "id": "DEBIANCVE:CVE-2022-3100", "href": "https://security-tracker.debian.org/tracker/CVE-2022-3100", "cvss": {"score": 0.0, "vector": "NONE"}}], "nessus": [{"lastseen": "2023-03-14T22:30:05", "description": "The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6750 advisory.\n\n - openstack-barbican: access policy bypass via query string injection (CVE-2022-3100)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-10-03T00:00:00", "type": "nessus", "title": "RHEL 7 / 8 / 9 : Red Hat OpenStack Platform (openstack-barbican) (RHSA-2022:6750)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3100"], "modified": "2023-01-27T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:enterprise_linux:9", "p-cpe:/a:redhat:enterprise_linux:openstack-barbican", "p-cpe:/a:redhat:enterprise_linux:openstack-barbican-api", "p-cpe:/a:redhat:enterprise_linux:openstack-barbican-common", "p-cpe:/a:redhat:enterprise_linux:python3-barbican"], "id": "REDHAT-RHSA-2022-6750.NASL", "href": "https://www.tenable.com/plugins/nessus/165628", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:6750. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165628);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/27\");\n\n script_cve_id(\"CVE-2022-3100\");\n script_xref(name:\"RHSA\", value:\"2022:6750\");\n\n script_name(english:\"RHEL 7 / 8 / 9 : Red Hat OpenStack Platform (openstack-barbican) (RHSA-2022:6750)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by a vulnerability as\nreferenced in the RHSA-2022:6750 advisory.\n\n - openstack-barbican: access policy bypass via query string injection (CVE-2022-3100)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-3100\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:6750\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2125404\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:C/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3100\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(305);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openstack-barbican\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openstack-barbican-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openstack-barbican-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-barbican\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release_list(operator: 'ge', os_version: os_ver, rhel_versions: ['7','8','9'])) audit(AUDIT_OS_NOT, 'Red Hat 7.x / 8.x / 9.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/ppc64le/openstack-cinderlib/16.1/debug',\n 'content/dist/layered/rhel8/ppc64le/openstack-cinderlib/16.1/os',\n 'content/dist/layered/rhel8/ppc64le/openstack-cinderlib/16.1/source/SRPMS',\n 'content/dist/layered/rhel8/ppc64le/openstack-deployment-tools/16.1/debug',\n 'content/dist/layered/rhel8/ppc64le/openstack-deployment-tools/16.1/os',\n 'content/dist/layered/rhel8/ppc64le/openstack-deployment-tools/16.1/source/SRPMS',\n 'content/dist/layered/rhel8/ppc64le/openstack/16.1/debug',\n 'content/dist/layered/rhel8/ppc64le/openstack/16.1/os',\n 'content/dist/layered/rhel8/ppc64le/openstack/16.1/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/openstack-cinderlib/16.1/debug',\n 'content/dist/layered/rhel8/x86_64/openstack-cinderlib/16.1/os',\n 'content/dist/layered/rhel8/x86_64/openstack-cinderlib/16.1/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/openstack-deployment-tools/16.1/debug',\n 'content/dist/layered/rhel8/x86_64/openstack-deployment-tools/16.1/os',\n 'content/dist/layered/rhel8/x86_64/openstack-deployment-tools/16.1/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/openstack-tools/16/debug',\n 'content/dist/layered/rhel8/x86_64/openstack-tools/16/os',\n 'content/dist/layered/rhel8/x86_64/openstack-tools/16/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/openstack/16.1/debug',\n 'content/dist/layered/rhel8/x86_64/openstack/16.1/os',\n 'content/dist/layered/rhel8/x86_64/openstack/16.1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'openstack-barbican-9.0.1-1.20220112203416.07be198.el8ost', 'release':'8', 'el_string':'el8ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'},\n {'reference':'openstack-barbican-api-9.0.1-1.20220112203416.07be198.el8ost', 'release':'8', 'el_string':'el8ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'},\n {'reference':'openstack-barbican-common-9.0.1-1.20220112203416.07be198.el8ost', 'release':'8', 'el_string':'el8ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'},\n {'reference':'python3-barbican-9.0.1-1.20220112203416.07be198.el8ost', 'release':'8', 'el_string':'el8ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/ppc64le/openstack-cinderlib/16.2/debug',\n 'content/dist/layered/rhel8/ppc64le/openstack-cinderlib/16.2/os',\n 'content/dist/layered/rhel8/ppc64le/openstack-cinderlib/16.2/source/SRPMS',\n 'content/dist/layered/rhel8/ppc64le/openstack-deployment-tools/16.2/debug',\n 'content/dist/layered/rhel8/ppc64le/openstack-deployment-tools/16.2/os',\n 'content/dist/layered/rhel8/ppc64le/openstack-deployment-tools/16.2/source/SRPMS',\n 'content/dist/layered/rhel8/ppc64le/openstack/16.2/debug',\n 'content/dist/layered/rhel8/ppc64le/openstack/16.2/os',\n 'content/dist/layered/rhel8/ppc64le/openstack/16.2/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/openstack-cinderlib/16.2/debug',\n 'content/dist/layered/rhel8/x86_64/openstack-cinderlib/16.2/os',\n 'content/dist/layered/rhel8/x86_64/openstack-cinderlib/16.2/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/openstack-deployment-tools/16.2/debug',\n 'content/dist/layered/rhel8/x86_64/openstack-deployment-tools/16.2/os',\n 'content/dist/layered/rhel8/x86_64/openstack-deployment-tools/16.2/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/openstack-tools/16/debug',\n 'content/dist/layered/rhel8/x86_64/openstack-tools/16/os',\n 'content/dist/layered/rhel8/x86_64/openstack-tools/16/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/openstack/16.2/debug',\n 'content/dist/layered/rhel8/x86_64/openstack/16.2/os',\n 'content/dist/layered/rhel8/x86_64/openstack/16.2/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'openstack-barbican-9.0.2-2.20220122185349.c718783.el8ost', 'release':'8', 'el_string':'el8ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'},\n {'reference':'openstack-barbican-api-9.0.2-2.20220122185349.c718783.el8ost', 'release':'8', 'el_string':'el8ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'},\n {'reference':'openstack-barbican-common-9.0.2-2.20220122185349.c718783.el8ost', 'release':'8', 'el_string':'el8ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'},\n {'reference':'python3-barbican-9.0.2-2.20220122185349.c718783.el8ost', 'release':'8', 'el_string':'el8ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel9/x86_64/openstack-cinderlib/17/debug',\n 'content/dist/layered/rhel9/x86_64/openstack-cinderlib/17/os',\n 'content/dist/layered/rhel9/x86_64/openstack-cinderlib/17/source/SRPMS',\n 'content/dist/layered/rhel9/x86_64/openstack-deployment-tools/17/debug',\n 'content/dist/layered/rhel9/x86_64/openstack-deployment-tools/17/os',\n 'content/dist/layered/rhel9/x86_64/openstack-deployment-tools/17/source/SRPMS',\n 'content/dist/layered/rhel9/x86_64/openstack-tools/17/debug',\n 'content/dist/layered/rhel9/x86_64/openstack-tools/17/os',\n 'content/dist/layered/rhel9/x86_64/openstack-tools/17/source/SRPMS',\n 'content/dist/layered/rhel9/x86_64/openstack/17/debug',\n 'content/dist/layered/rhel9/x86_64/openstack/17/os',\n 'content/dist/layered/rhel9/x86_64/openstack/17/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'openstack-barbican-12.0.1-0.20220614210405.486e607.el9ost', 'release':'9', 'el_string':'el9ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'},\n {'reference':'openstack-barbican-api-12.0.1-0.20220614210405.486e607.el9ost', 'release':'9', 'el_string':'el9ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'},\n {'reference':'openstack-barbican-common-12.0.1-0.20220614210405.486e607.el9ost', 'release':'9', 'el_string':'el9ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'},\n {'reference':'python3-barbican-12.0.1-0.20220614210405.486e607.el9ost', 'release':'9', 'el_string':'el9ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/client/7/7Client/x86_64/openstack-tools/13/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/openstack-tools/13/os',\n 'content/dist/rhel/client/7/7Client/x86_64/openstack-tools/13/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/openstack-deployment-tools/13/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/openstack-deployment-tools/13/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/openstack-deployment-tools/13/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/openstack-devtools/13/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/openstack-devtools/13/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/openstack-devtools/13/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/openstack-optools/13/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/openstack-optools/13/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/openstack-optools/13/source/SRPMS',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/openstack/13/debug',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/openstack/13/os',\n 'content/dist/rhel/power-le/7/7Server/ppc64le/openstack/13/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-deployment-tools/13/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-deployment-tools/13/os',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-deployment-tools/13/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-devtools/13/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-devtools/13/os',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-devtools/13/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-octavia/13/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-octavia/13/os',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-octavia/13/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-optools/13/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-optools/13/os',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-optools/13/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-tools/13/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-tools/13/os',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack-tools/13/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack/13/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack/13/os',\n 'content/dist/rhel/server/7/7Server/x86_64/openstack/13/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/openstack-tools/13/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/openstack-tools/13/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/openstack-tools/13/source/SRPMS',\n 'content/els/rhel/client/7/7Client/x86_64/openstack-tools/13/debug',\n 'content/els/rhel/client/7/7Client/x86_64/openstack-tools/13/os',\n 'content/els/rhel/power-le/7/7Server/ppc64le/openstack-deployment-tools/13/debug',\n 'content/els/rhel/power-le/7/7Server/ppc64le/openstack-deployment-tools/13/os',\n 'content/els/rhel/power-le/7/7Server/ppc64le/openstack-deployment-tools/13/source/SRPMS',\n 'content/els/rhel/power-le/7/7Server/ppc64le/openstack-devtools/13/debug',\n 'content/els/rhel/power-le/7/7Server/ppc64le/openstack-devtools/13/os',\n 'content/els/rhel/power-le/7/7Server/ppc64le/openstack-devtools/13/source/SRPMS',\n 'content/els/rhel/power-le/7/7Server/ppc64le/openstack-optools/13/debug',\n 'content/els/rhel/power-le/7/7Server/ppc64le/openstack-optools/13/os',\n 'content/els/rhel/power-le/7/7Server/ppc64le/openstack-optools/13/source/SRPMS',\n 'content/els/rhel/power-le/7/7Server/ppc64le/openstack/13/debug',\n 'content/els/rhel/power-le/7/7Server/ppc64le/openstack/13/os',\n 'content/els/rhel/power-le/7/7Server/ppc64le/openstack/13/source/SRPMS',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-deployment-tools/13/debug',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-deployment-tools/13/os',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-deployment-tools/13/source/SRPMS',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-devtools/13/debug',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-devtools/13/os',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-devtools/13/source/SRPMS',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-octavia/13/debug',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-octavia/13/os',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-octavia/13/source/SRPMS',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-optools/13/debug',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-optools/13/os',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-optools/13/source/SRPMS',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-tools/13/debug',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-tools/13/os',\n 'content/els/rhel/server/7/7Server/x86_64/openstack-tools/13/source/SRPMS',\n 'content/els/rhel/server/7/7Server/x86_64/openstack/13/debug',\n 'content/els/rhel/server/7/7Server/x86_64/openstack/13/os',\n 'content/els/rhel/server/7/7Server/x86_64/openstack/13/source/SRPMS',\n 'content/els/rhel/workstation/7/7Workstation/x86_64/openstack-tools/13/debug',\n 'content/els/rhel/workstation/7/7Workstation/x86_64/openstack-tools/13/os',\n 'content/els/rhel/workstation/7/7Workstation/x86_64/openstack-tools/13/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'openstack-barbican-6.0.1-6.el7ost', 'release':'7', 'el_string':'el7ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'},\n {'reference':'openstack-barbican-api-6.0.1-6.el7ost', 'release':'7', 'el_string':'el7ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'},\n {'reference':'openstack-barbican-common-6.0.1-6.el7ost', 'release':'7', 'el_string':'el7ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openstack-barbican / openstack-barbican-api / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-15T02:40:37", "description": "The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3136 advisory.\n\n - openstack-barbican: access policy bypass via query string injection (CVE-2022-3100)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-10-05T00:00:00", "type": "nessus", "title": "Debian DLA-3136-1 : barbican - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3100"], "modified": "2023-01-27T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:barbican-api", "p-cpe:/a:debian:debian_linux:barbican-common", "p-cpe:/a:debian:debian_linux:barbican-doc", "p-cpe:/a:debian:debian_linux:barbican-keystone-listener", "p-cpe:/a:debian:debian_linux:barbican-worker", "p-cpe:/a:debian:debian_linux:python3-barbican", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DLA-3136.NASL", "href": "https://www.tenable.com/plugins/nessus/165708", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-3136. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165708);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/27\");\n\n script_cve_id(\"CVE-2022-3100\");\n\n script_name(english:\"Debian DLA-3136-1 : barbican - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3136\nadvisory.\n\n - openstack-barbican: access policy bypass via query string injection (CVE-2022-3100)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/barbican\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-3136\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3100\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/barbican\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the barbican packages.\n\nFor Debian 10 buster, this problem has been fixed in version 1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:C/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3100\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:barbican-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:barbican-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:barbican-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:barbican-keystone-listener\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:barbican-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-barbican\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(10)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'barbican-api', 'reference': '1:7.0.0-1+deb10u1'},\n {'release': '10.0', 'prefix': 'barbican-common', 'reference': '1:7.0.0-1+deb10u1'},\n {'release': '10.0', 'prefix': 'barbican-doc', 'reference': '1:7.0.0-1+deb10u1'},\n {'release': '10.0', 'prefix': 'barbican-keystone-listener', 'reference': '1:7.0.0-1+deb10u1'},\n {'release': '10.0', 'prefix': 'barbican-worker', 'reference': '1:7.0.0-1+deb10u1'},\n {'release': '10.0', 'prefix': 'python3-barbican', 'reference': '1:7.0.0-1+deb10u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'barbican-api / barbican-common / barbican-doc / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-14T08:33:21", "description": "The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5247 advisory.\n\n - openstack-barbican: access policy bypass via query string injection (CVE-2022-3100)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-10-05T00:00:00", "type": "nessus", "title": "Debian DSA-5247-1 : barbican - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3100"], "modified": "2023-01-27T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:barbican-api", "p-cpe:/a:debian:debian_linux:barbican-common", "p-cpe:/a:debian:debian_linux:barbican-doc", "p-cpe:/a:debian:debian_linux:barbican-keystone-listener", "p-cpe:/a:debian:debian_linux:barbican-worker", "p-cpe:/a:debian:debian_linux:python3-barbican", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5247.NASL", "href": "https://www.tenable.com/plugins/nessus/165707", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5247. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165707);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/27\");\n\n script_cve_id(\"CVE-2022-3100\");\n\n script_name(english:\"Debian DSA-5247-1 : barbican - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5247\nadvisory.\n\n - openstack-barbican: access policy bypass via query string injection (CVE-2022-3100)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021139\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/barbican\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5247\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-3100\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/barbican\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the barbican packages.\n\nFor the stable distribution (bullseye), this problem has been fixed in version 1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:C/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3100\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:barbican-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:barbican-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:barbican-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:barbican-keystone-listener\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:barbican-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-barbican\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '11.0', 'prefix': 'barbican-api', 'reference': '1:11.0.0-3+deb11u1'},\n {'release': '11.0', 'prefix': 'barbican-common', 'reference': '1:11.0.0-3+deb11u1'},\n {'release': '11.0', 'prefix': 'barbican-doc', 'reference': '1:11.0.0-3+deb11u1'},\n {'release': '11.0', 'prefix': 'barbican-keystone-listener', 'reference': '1:11.0.0-3+deb11u1'},\n {'release': '11.0', 'prefix': 'barbican-worker', 'reference': '1:11.0.0-3+deb11u1'},\n {'release': '11.0', 'prefix': 'python3-barbican', 'reference': '1:11.0.0-3+deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'barbican-api / barbican-common / barbican-doc / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-13T16:35:46", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5697-1 advisory.\n\n - openstack-barbican: access policy bypass via query string injection (CVE-2022-3100)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-10-25T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Barbican vulnerability (USN-5697-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-3100"], "modified": "2023-01-27T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:22.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:barbican-api", "p-cpe:/a:canonical:ubuntu_linux:barbican-common", "p-cpe:/a:canonical:ubuntu_linux:barbican-keystone-listener", "p-cpe:/a:canonical:ubuntu_linux:barbican-worker", "p-cpe:/a:canonical:ubuntu_linux:python-barbican", "p-cpe:/a:canonical:ubuntu_linux:python3-barbican"], "id": "UBUNTU_USN-5697-1.NASL", "href": "https://www.tenable.com/plugins/nessus/166498", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5697-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166498);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/27\");\n\n script_cve_id(\"CVE-2022-3100\");\n script_xref(name:\"USN\", value:\"5697-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Barbican vulnerability (USN-5697-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as\nreferenced in the USN-5697-1 advisory.\n\n - openstack-barbican: access policy bypass via query string injection (CVE-2022-3100)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5697-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:C/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-3100\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:barbican-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:barbican-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:barbican-keystone-listener\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:barbican-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-barbican\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-barbican\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(18\\.04|20\\.04|22\\.04)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04 / 22.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'barbican-api', 'pkgver': '1:6.0.1-0ubuntu1.2'},\n {'osver': '18.04', 'pkgname': 'barbican-common', 'pkgver': '1:6.0.1-0ubuntu1.2'},\n {'osver': '18.04', 'pkgname': 'barbican-keystone-listener', 'pkgver': '1:6.0.1-0ubuntu1.2'},\n {'osver': '18.04', 'pkgname': 'barbican-worker', 'pkgver': '1:6.0.1-0ubuntu1.2'},\n {'osver': '18.04', 'pkgname': 'python-barbican', 'pkgver': '1:6.0.1-0ubuntu1.2'},\n {'osver': '20.04', 'pkgname': 'barbican-api', 'pkgver': '1:10.1.0-0ubuntu2.2'},\n {'osver': '20.04', 'pkgname': 'barbican-common', 'pkgver': '1:10.1.0-0ubuntu2.2'},\n {'osver': '20.04', 'pkgname': 'barbican-keystone-listener', 'pkgver': '1:10.1.0-0ubuntu2.2'},\n {'osver': '20.04', 'pkgname': 'barbican-worker', 'pkgver': '1:10.1.0-0ubuntu2.2'},\n {'osver': '20.04', 'pkgname': 'python3-barbican', 'pkgver': '1:10.1.0-0ubuntu2.2'},\n {'osver': '22.04', 'pkgname': 'barbican-api', 'pkgver': '2:14.0.0-0ubuntu1.1'},\n {'osver': '22.04', 'pkgname': 'barbican-common', 'pkgver': '2:14.0.0-0ubuntu1.1'},\n {'osver': '22.04', 'pkgname': 'barbican-keystone-listener', 'pkgver': '2:14.0.0-0ubuntu1.1'},\n {'osver': '22.04', 'pkgname': 'barbican-worker', 'pkgver': '2:14.0.0-0ubuntu1.1'},\n {'osver': '22.04', 'pkgname': 'python3-barbican', 'pkgver': '2:14.0.0-0ubuntu1.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'barbican-api / barbican-common / barbican-keystone-listener / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "debian": [{"lastseen": "2023-02-25T17:34:53", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-3136-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Emilio Pozuelo Monfort\nOctober 04, 2022 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : barbican\nVersion : 1:7.0.0-1+deb10u1\nCVE ID : CVE-2022-3100\n\nIt was found that Barbican, a service for secret management and storage,\nwas vulnerable to access bypass via query string injection.\n\nFor Debian 10 buster, this problem has been fixed in version\n1:7.0.0-1+deb10u1.\n\nWe recommend that you upgrade your barbican packages.\n\nFor the detailed security status of barbican please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/barbican\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-10-04T07:57:51", "type": "debian", "title": "[SECURITY] [DLA 3136-1] barbican security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-3100"], "modified": "2022-10-04T07:57:51", "id": "DEBIAN:DLA-3136-1:516CC", "href": "https://lists.debian.org/debian-lts-announce/2022/10/msg00005.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-03-21T16:43:27", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5247-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nOctober 04, 2022 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : barbican\nCVE ID : CVE-2022-3100\nDebian Bug : 1021139\n\nDouglas Mendizabal discovered that Barbican, the OpenStack Key Management\nService, incorrectly parsed requests which could allow an authenticated\nuser to bypass Barbican access policies.\n\nFor the stable distribution (bullseye), this problem has been fixed in\nversion 1:11.0.0-3+deb11u1.\n\nWe recommend that you upgrade your barbican packages.\n\nFor the detailed security status of barbican please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/barbican\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-10-04T19:09:49", "type": "debian", "title": "[SECURITY] [DSA 5247-1] barbican security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-3100"], "modified": "2022-10-04T19:09:49", "id": "DEBIAN:DSA-5247-1:6F6DB", "href": "https://lists.debian.org/debian-security-announce/2022/msg00216.html", "cvss": {"score": 0.0, "vector": "NONE"}}], "cve": [{"lastseen": "2023-02-09T14:25:40", "description": "A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2023-01-18T17:15:00", "type": "cve", "title": "CVE-2022-3100", "cwe": ["CWE-305"], "bulletinFamily": "NVD", "cvss2": {}, "cvelist": ["CVE-2022-3100"], "modified": "2023-01-26T15:11:00", "cpe": ["cpe:/a:redhat:openstack_for_ibm_power:16.1", "cpe:/a:redhat:openstack_for_ibm_power:16.2", "cpe:/a:redhat:openstack_for_ibm_power:13", "cpe:/a:openstack:barbican:-", "cpe:/a:redhat:openstack_platform:13.0", "cpe:/a:redhat:openstack:17", "cpe:/a:redhat:openstack:13", "cpe:/a:redhat:openstack:16.1", "cpe:/a:redhat:openstack:16.2"], "id": "CVE-2022-3100", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3100", "cvss": {"score": 0.0, "vector": "NONE"}, "cpe23": ["cpe:2.3:a:redhat:openstack_for_ibm_power:13:*:*:*:els:*:*:*", "cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openstack:13:*:*:*:els:*:*:*", "cpe:2.3:a:redhat:openstack_for_ibm_power:16.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openstack_for_ibm_power:16.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openstack:16.1:*:*:*:*:*:*:*", "cpe:2.3:a:openstack:barbican:-:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openstack:17:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:openstack:16.2:-:*:*:*:*:*:*"]}], "redhat": [{"lastseen": "2023-01-26T18:11:42", "description": "Barbican is a ReST API designed for the secure storage, provisioning and\nmanagement of secrets, including in OpenStack environments.\n\nSecurity Fix(es):\n\n* openstack-barbican: access policy bypass via query string injection (CVE-2022-3100)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-09-29T12:31:24", "type": "redhat", "title": "(RHSA-2022:6750) Important: Red Hat OpenStack Platform (openstack-barbican) security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-3100"], "modified": "2022-09-29T12:32:41", "id": "RHSA-2022:6750", "href": "https://access.redhat.com/errata/RHSA-2022:6750", "cvss": {"score": 0.0, "vector": "NONE"}}], "osv": [{"lastseen": "2022-10-04T08:14:59", "description": "\nIt was found that Barbican, a service for secret management and storage,\nwas vulnerable to access bypass via query string injection.\n\n\nFor Debian 10 buster, this problem has been fixed in version\n1:7.0.0-1+deb10u1.\n\n\nWe recommend that you upgrade your barbican packages.\n\n\nFor the detailed security status of barbican please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/barbican>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {}, "published": "2022-10-04T00:00:00", "type": "osv", "title": "barbican - security update", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-3100"], "modified": "2022-10-04T08:14:58", "id": "OSV:DLA-3136-1", "href": "https://osv.dev/vulnerability/DLA-3136-1", "cvss": {"score": 0.0, "vector": "NONE"}}], "veracode": [{"lastseen": "2023-01-26T19:03:26", "description": "openstack-barbican is vulnerable to policy bypasses. The vulnerability allows an attacker to bypass the policy via a query string when accessing the API.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-10-20T00:45:07", "type": "veracode", "title": "Access Policy Bypass Via Query String Injection", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-3100"], "modified": "2023-01-18T19:35:55", "id": "VERACODE:37607", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-37607/summary", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntu": [{"lastseen": "2023-01-26T18:42:43", "description": "## Releases\n\n * Ubuntu 22.04 LTS\n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 LTS\n\n## Packages\n\n * barbican \\- OpenStack Key Management Service - API Server\n\nDouglas Mendizabal discovered that Barbican incorrectly handled certain \nquery strings. A remote attacker could possibly use this issue to bypass \nthe access policy.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-10-25T00:00:00", "type": "ubuntu", "title": "Barbican vulnerability", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-3100"], "modified": "2022-10-25T00:00:00", "id": "USN-5697-1", "href": "https://ubuntu.com/security/notices/USN-5697-1", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntucve": [{"lastseen": "2023-01-27T13:13:57", "description": "A flaw was found in the openstack-barbican component. This issue allows an\naccess policy bypass via a query string when accessing the API.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=2125404>\n * <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021139>\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-09-29T00:00:00", "type": "ubuntucve", "title": "CVE-2022-3100", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-3100"], "modified": "2022-09-29T00:00:00", "id": "UB:CVE-2022-3100", "href": "https://ubuntu.com/security/CVE-2022-3100", "cvss": {"score": 0.0, "vector": "NONE"}}], "redhatcve": [{"lastseen": "2023-03-08T23:15:20", "description": "A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.9, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2022-09-28T17:18:55", "type": "redhatcve", "title": "CVE-2022-3100", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2022-3100"], "modified": "2023-03-08T22:19:56", "id": "RH:CVE-2022-3100", "href": "https://access.redhat.com/security/cve/cve-2022-3100", "cvss": {"score": 0.0, "vector": "NONE"}}]}

barbican - security update

Description

Affected Software

Related