5 matches found
CVE-2022-23451
CVE-2022-23451 concerns openstack-barbican. The issue is an authorization flaw where default secret-metadata API policy allows any authenticated user to add/modify/delete metadata on any secret, compromising ownership and enabling denial of service by resource consumption. The impact is described...
Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (openstack-barbican) security update
An update for openstack-barbican is now available for Red Hat OpenStack Platform 16.2.3 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
Ubuntu: Security Advisory (USN-5387-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5387-1 barbican vulnerabilities
Douglas Mendizábal discovered that Barbican incorrectly handled access restrictions. An authenticated attacker could possibly use this issue to consume protected resources and possibly cause a denial of service. CVE-2022-23451, CVE-2022-23452...
Ubuntu 18.04 LTS / 20.04 LTS : Barbican vulnerabilities (USN-5387-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5387-1 advisory. Douglas Mendizbal discovered that Barbican incorrectly handled access restrictions. An authenticated attacker could possibly use this issue t...