(RHSA-2022:6750) Important: Red Hat OpenStack Platform (openstack-barbican) security update

2022-09-2912:31:24

access.redhat.com

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N

3.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:P/I:P/A:N

0.001 Low

EPSS

Percentile

26.5%

JSON

Barbican is a ReST API designed for the secure storage, provisioning and
management of secrets, including in OpenStack environments.

Security Fix(es):

openstack-barbican: access policy bypass via query string injection (CVE-2022-3100)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8noarchpython3-barbican< 9.0.1-1.20220112203416.07be198.el8ostpython3-barbican-9.0.1-1.20220112203416.07be198.el8ost.noarch.rpm
RedHat8noarchopenstack-barbican-worker< 9.0.1-1.20220112203416.07be198.el8ostopenstack-barbican-worker-9.0.1-1.20220112203416.07be198.el8ost.noarch.rpm
RedHat9noarchopenstack-barbican-common< 12.0.1-0.20220614210405.486e607.el9ostopenstack-barbican-common-12.0.1-0.20220614210405.486e607.el9ost.noarch.rpm
RedHat9noarchopenstack-barbican-worker< 12.0.1-0.20220614210405.486e607.el9ostopenstack-barbican-worker-12.0.1-0.20220614210405.486e607.el9ost.noarch.rpm
RedHat8noarchopenstack-barbican-api< 9.0.2-2.20220122185349.c718783.el8ostopenstack-barbican-api-9.0.2-2.20220122185349.c718783.el8ost.noarch.rpm
RedHat7noarchpython-barbican< 6.0.1-6.el7ostpython-barbican-6.0.1-6.el7ost.noarch.rpm
RedHat7noarchopenstack-barbican-keystone-listener< 6.0.1-6.el7ostopenstack-barbican-keystone-listener-6.0.1-6.el7ost.noarch.rpm
RedHat7noarchopenstack-barbican< 6.0.1-6.el7ostopenstack-barbican-6.0.1-6.el7ost.noarch.rpm
RedHat9noarchopenstack-barbican< 12.0.1-0.20220614210405.486e607.el9ostopenstack-barbican-12.0.1-0.20220614210405.486e607.el9ost.noarch.rpm
RedHat9noarchopenstack-barbican-api< 12.0.1-0.20220614210405.486e607.el9ostopenstack-barbican-api-12.0.1-0.20220614210405.486e607.el9ost.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	noarch	python3-barbican	< 9.0.1-1.20220112203416.07be198.el8ost	python3-barbican-9.0.1-1.20220112203416.07be198.el8ost.noarch.rpm
RedHat	8	noarch	openstack-barbican-worker	< 9.0.1-1.20220112203416.07be198.el8ost	openstack-barbican-worker-9.0.1-1.20220112203416.07be198.el8ost.noarch.rpm
RedHat	9	noarch	openstack-barbican-common	< 12.0.1-0.20220614210405.486e607.el9ost	openstack-barbican-common-12.0.1-0.20220614210405.486e607.el9ost.noarch.rpm
RedHat	9	noarch	openstack-barbican-worker	< 12.0.1-0.20220614210405.486e607.el9ost	openstack-barbican-worker-12.0.1-0.20220614210405.486e607.el9ost.noarch.rpm
RedHat	8	noarch	openstack-barbican-api	< 9.0.2-2.20220122185349.c718783.el8ost	openstack-barbican-api-9.0.2-2.20220122185349.c718783.el8ost.noarch.rpm
RedHat	7	noarch	python-barbican	< 6.0.1-6.el7ost	python-barbican-6.0.1-6.el7ost.noarch.rpm
RedHat	7	noarch	openstack-barbican-keystone-listener	< 6.0.1-6.el7ost	openstack-barbican-keystone-listener-6.0.1-6.el7ost.noarch.rpm
RedHat	7	noarch	openstack-barbican	< 6.0.1-6.el7ost	openstack-barbican-6.0.1-6.el7ost.noarch.rpm
RedHat	9	noarch	openstack-barbican	< 12.0.1-0.20220614210405.486e607.el9ost	openstack-barbican-12.0.1-0.20220614210405.486e607.el9ost.noarch.rpm
RedHat	9	noarch	openstack-barbican-api	< 12.0.1-0.20220614210405.486e607.el9ost	openstack-barbican-api-12.0.1-0.20220614210405.486e607.el9ost.noarch.rpm