Lucene search
Redhat.comRH:CVE-2022-3287HistorySep 28, 2022 - 12:48 p.m.
CVE-2022-3287
2022-09-2812:48:53
redhat.com
access.redhat.com
17
0.001 Low
EPSS
Percentile
28.0%
A flaw was found in fwupd. When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file.
Related
nessus
nessus
RHEL 8 : fwupd (RHSA-2024:1106)
2024-03-05 00:00:00
Oracle Linux 8 : fwupd (ELSA-2023-7189)
2023-11-21 00:00:00
CentOS 8 : fwupd (CESA-2023:7189)
2023-11-14 00:00:00
alpinelinux
alpinelinux
CVE-2022-3287
2022-09-28 20:15:00
osv
osv
CVE-2022-3287
2022-09-28 20:15:18
Moderate: fwupd security update
2023-11-14 00:00:00
Moderate: fwupd security update
2023-11-28 22:42:52
redhat
redhat
(RHSA-2024:1403) Moderate: fwupd security update
2024-03-19 16:35:06
(RHSA-2023:7189) Moderate: fwupd security update
2023-11-14 08:47:29
(RHSA-2024:1106) Moderate: fwupd security update
2024-03-05 10:44:56
almalinux
almalinux
Moderate: fwupd security update
2023-11-14 00:00:00
Moderate: fwupd security and bug fix update
2023-05-09 00:00:00
prion
prion
Authorization
2022-09-28 20:15:00
cnvd
cnvd
fwupd information disclosure vulnerability
2022-09-30 00:00:00
cve
cve
CVE-2022-3287
2022-09-28 20:15:00
oraclelinux
oraclelinux
fwupd security update
2023-11-17 00:00:00
fwupd security and bug fix update
2023-05-15 00:00:00
ubuntucve
ubuntucve
CVE-2022-3287
2022-09-28 00:00:00
veracode
veracode
Information Disclosure
2022-10-11 13:16:39
cvelist
cvelist
CVE-2022-3287
2022-09-28 19:07:38
rocky
rocky
fwupd security update
2023-11-28 22:42:52
debiancve
debiancve
CVE-2022-3287
2022-09-28 20:15:00