CVE - CVE-2022-23452

CVE-ID
CVE-2022-23452	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protected resources and cause a denial of service.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://access.redhat.com/security/cve/CVE-2022-23452 URL:https://access.redhat.com/security/cve/CVE-2022-23452 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=2022908 URL:https://bugzilla.redhat.com/show_bug.cgi?id=2022908 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=2025090 URL:https://bugzilla.redhat.com/show_bug.cgi?id=2025090 MISC:https://review.opendev.org/c/openstack/barbican/+/814200 URL:https://review.opendev.org/c/openstack/barbican/+/814200 MISC:https://storyboard.openstack.org/#%21/story/2009297 URL:https://storyboard.openstack.org/#%21/story/2009297
Assigning CNA
Red Hat, Inc.
Date Record Created
20220119	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20220119)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)