Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
OpenstackBarbican*

2 matches found

CVE
CVEadded 2022/09/06 5:18 p.m.709 views

CVE-2022-23451

CVE-2022-23451 concerns openstack-barbican. The issue is an authorization flaw where default secret-metadata API policy allows any authenticated user to add/modify/delete metadata on any secret, compromising ownership and enabling denial of service by resource consumption. The impact is described...

8.1CVSS7.5AI score0.00971EPSS
CVE
CVEadded 2022/09/01 8:57 p.m.128 views

CVE-2022-23452

CVE-2022-23452 affects openstack-barbican. The flaw is an authorization issue where any admin can add secrets to another project’s container, enabling network-accessed resource consumption and potential DoS. The NVD CVSSv3.1 base score is 4.9 (MEDIUM) with Network attack, low complexity, and high...

4.9CVSS5AI score0.00981EPSS