CVSS: 9.1 • EPSS: 0% • CPEs: 6 • EXPL: 0

A flaw was found that enables an OpenStack Manila user who owns a Ceph File System "share" to read/write any Manila share or the entire file system. The vulnerability is due to a bug in the "volumes" plugin in Ceph Manager. This allows an attacker to compromise the confidentiality and integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2.
• https://ceph.io/en/news/blog/2022/v17-2-2-quincy-released
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3XMDFZWA2FWU6GAYOVSFJPOUTXN42N
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRTTRG5O4YP2TNGDCDOHIHP2DM3DFBT
• https://access.redhat.com/security/cve/CVE-2022-0670
• https://bugzilla.redhat.com/show_bug.cgi?id=2050728
• CWE-863: Incorrect Authorization

CVSS: 6.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environment files, possibly leading to a loss of confidentiality and integrity.
• https://access.redhat.com/security/cve/cve-2022-1655
• https://access.redhat.com/security/cve/CVE-2022-1655
• https://bugzilla.redhat.com/show_bug.cgi?id=2075681
• CWE-732: Incorrect Permission Assignment for Critical Resource

CVSS: 7.6 • EPSS: 0% • CPEs: 7 • EXPL: 0

A flaw was found in pki-core that could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content.
• https://bugzilla.redhat.com/show_bug.cgi?id=2101046
• https://access.redhat.com/security/cve/CVE-2022-2393
• CWE-285: Improper Authorization
• CWE-287: Improper Authentication

CVSS: 6.5 • EPSS: 0% • CPEs: 4 • EXPL: 0

A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, whether triggered by mistake or by a malicious actor.
• https://access.redhat.com/security/cve/CVE-2022-2211
• https://bugzilla.redhat.com/show_bug.cgi?id=2100862
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVSS: 9.8 • EPSS: 0% • CPEs: 3 • EXPL: 0

Security vulnerabilities in HPE IceWall SSO 10.0 certd could be exploited remotely to allow SQL injection or unauthorized data injection. HPE has provided the following updated modules to resolve these vulnerabilities: HPE IceWall SSO version 10.0 certd library Patch 9 for RHEL and HPE IceWall SSO version 10.0 certd library Patch 9 for HP-UX.
• https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbmu04330en_us
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')