Fedora 36 : booth (2022-6744980220)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-6744980220 advisory. Remove Alias directive from [email protected] unit file ---- Security fix for CVE-2022-2553 Tenable has extracted the preceding description block...

Fedora 35 : booth (2022-e0a87993b8)

The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-e0a87993b8 advisory. Remove Alias directive from [email protected] unit file ---- Security fix for CVE-2022-2553 Tenable has extracted the preceding description block...

Rocky Linux 8 : booth (RLSA-2022:6439)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:6439 advisory. - The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do no...

SUSE SLES15 / openSUSE 15 Security Update : booth (SUSE-SU-2022:2608-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2608-1 advisory. - CVE-2022-2553: authfile directive in booth config file is completely ignored bsc1201946. Tenable has extracted the preceding description...

SUSE SLES15 / openSUSE 15 Security Update : booth (SUSE-SU-2022:2609-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2609-1 advisory. - CVE-2022-2553: authfile directive in booth config file is completely ignored bsc1201946. Tenable has extracted the preceding description...

CVE-2022-2553

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...

CVE-2022-2553

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...

Authentication flaw

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...

CVE-2022-2553

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster...

CVE-2022-2553

CVE-2022-2553 concerns the Booth cluster ticket manager. Multiple connected sources confirm the root cause: the authfile directive in the booth configuration is ignored, preventing proper authentication enforcement between nodes. This leads to a risk that nodes without the correct authentication ...