Lucene search
Veracode Vulnerability DatabaseVERACODE:36262HistoryJul 06, 2022 - 12:43 a.m.
Authorization Bypass
2022-07-0600:43:30
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.001 Low
EPSS
Percentile
50.4%
openstack-barbican is vulnerable to authorization bypass. The vulnerability exists because anyone with an admin role could add secrets to a different project container which allows an attacker on the network to consume protected resources and cause a denial of service.
References
access.redhat.com/errata/RHSA-2022:5114
access.redhat.com/errata/RHSA-2022:8874
access.redhat.com/security/cve/CVE-2022-23452
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=2022908
bugzilla.redhat.com/show_bug.cgi?id=2025090
review.opendev.org/c/openstack/barbican/+/814200
storyboard.openstack.org/#!/story/2009297
storyboard.openstack.org/#%21/story/2009297
Related
ubuntucve
ubuntucve
CVE-2022-23452
2022-01-28 00:00:00
redhatcve
redhatcve
CVE-2022-23452
2022-01-19 16:04:14
debiancve
debiancve
CVE-2022-23452
2022-09-01 21:15:09
cve
cve
CVE-2022-23452
2022-09-01 21:15:09
osv
osv
CVE-2022-23452
2022-09-01 21:15:09
openstack-barbican Denial of Service vulnerability
2022-09-02 00:01:02
barbican vulnerabilities
2022-04-25 16:19:10
github
github
openstack-barbican Denial of Service vulnerability
2022-09-02 00:01:02
prion
prion
Authorization
2022-09-01 21:15:00
cvelist
cvelist
CVE-2022-23452
2022-09-01 20:57:45
nvd
nvd
CVE-2022-23452
2022-09-01 21:15:09
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : Barbican vulnerabilities (USN-5387-1)
2022-04-25 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5387-1)
2022-04-26 00:00:00
redhat
redhat
ubuntu
ubuntu
Barbican vulnerabilities
2022-04-25 00:00:00