// For flags

CVE-2022-1292

The c_rehash script allows command injection

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

5
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n). Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd).

El script c_rehash no sanea apropiadamente los meta caracteres del shell para evitar la inyección de comandos. Este script es distribuido por algunos sistemas operativos de manera que es ejecutado automáticamente. En dichos sistemas operativos, un atacante podría ejecutar comandos arbitrarios con los privilegios del script. El uso del script c_rehash es considerado obsoleto y debe ser sustituido por la herramienta de línea de comandos OpenSSL rehash. Corregido en OpenSSL versión 3.0.3 (Afectado 3.0.0,3.0.1,3.0.2). Corregido en OpenSSL versión 1.1.1o (Afectado 1.1.1-1.1.1n). Corregido en OpenSSL versión 1.0.2ze (Afectado 1.0.2-1.0.2zd)

A flaw was found in OpenSSL. The `c_rehash` script does not properly sanitize shell meta-characters to prevent command injection. Some operating systems distribute this script in a manner where it is automatically executed. This flaw allows an attacker to execute arbitrary commands with the privileges of the script on these operating systems.

*Credits: Elison Niven (Sophos)
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-04-11 CVE Reserved
  • 2022-05-03 CVE Published
  • 2022-05-24 First Exploit
  • 2024-09-16 CVE Updated
  • 2024-11-11 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
  • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (21)
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Netapp
Search vendor "Netapp"
A700s Firmware
Search vendor "Netapp" for product "A700s Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
A700s
Search vendor "Netapp" for product "A700s"
--
Safe
Netapp
Search vendor "Netapp"
H300s Firmware
Search vendor "Netapp" for product "H300s Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H300s
Search vendor "Netapp" for product "H300s"
--
Safe
Netapp
Search vendor "Netapp"
H500s Firmware
Search vendor "Netapp" for product "H500s Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H500s
Search vendor "Netapp" for product "H500s"
--
Safe
Netapp
Search vendor "Netapp"
H700s Firmware
Search vendor "Netapp" for product "H700s Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H700s
Search vendor "Netapp" for product "H700s"
--
Safe
Netapp
Search vendor "Netapp"
H300e Firmware
Search vendor "Netapp" for product "H300e Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H300e
Search vendor "Netapp" for product "H300e"
--
Safe
Netapp
Search vendor "Netapp"
H500e Firmware
Search vendor "Netapp" for product "H500e Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H500e
Search vendor "Netapp" for product "H500e"
--
Safe
Netapp
Search vendor "Netapp"
H700e Firmware
Search vendor "Netapp" for product "H700e Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H700e
Search vendor "Netapp" for product "H700e"
--
Safe
Netapp
Search vendor "Netapp"
H410s Firmware
Search vendor "Netapp" for product "H410s Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
H410s
Search vendor "Netapp" for product "H410s"
--
Safe
Netapp
Search vendor "Netapp"
Aff 8300 Firmware
Search vendor "Netapp" for product "Aff 8300 Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
Aff 8300
Search vendor "Netapp" for product "Aff 8300"
--
Safe
Netapp
Search vendor "Netapp"
Fas 8300 Firmware
Search vendor "Netapp" for product "Fas 8300 Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
Fas 8300
Search vendor "Netapp" for product "Fas 8300"
--
Safe
Netapp
Search vendor "Netapp"
Aff 8700 Firmware
Search vendor "Netapp" for product "Aff 8700 Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
Aff 8700
Search vendor "Netapp" for product "Aff 8700"
--
Safe
Netapp
Search vendor "Netapp"
Fas 8700 Firmware
Search vendor "Netapp" for product "Fas 8700 Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
Fas 8700
Search vendor "Netapp" for product "Fas 8700"
--
Safe
Netapp
Search vendor "Netapp"
Aff A400 Firmware
Search vendor "Netapp" for product "Aff A400 Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
Aff A400
Search vendor "Netapp" for product "Aff A400"
--
Safe
Netapp
Search vendor "Netapp"
Fabric-attached Storage A400 Firmware
Search vendor "Netapp" for product "Fabric-attached Storage A400 Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
Fabric-attached Storage A400
Search vendor "Netapp" for product "Fabric-attached Storage A400"
--
Safe
Netapp
Search vendor "Netapp"
A250 Firmware
Search vendor "Netapp" for product "A250 Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
A250
Search vendor "Netapp" for product "A250"
--
Safe
Netapp
Search vendor "Netapp"
Aff 500f Firmware
Search vendor "Netapp" for product "Aff 500f Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
Aff 500f
Search vendor "Netapp" for product "Aff 500f"
--
Safe
Netapp
Search vendor "Netapp"
Fas 500f Firmware
Search vendor "Netapp" for product "Fas 500f Firmware"
--
Affected
in Netapp
Search vendor "Netapp"
Fas 500f
Search vendor "Netapp" for product "Fas 500f"
--
Safe
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
>= 1.0.2 < 1.0.2ze
Search vendor "Openssl" for product "Openssl" and version " >= 1.0.2 < 1.0.2ze"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
>= 1.1.1 < 1.1.1o
Search vendor "Openssl" for product "Openssl" and version " >= 1.1.1 < 1.1.1o"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
>= 3.0.0 < 3.0.3
Search vendor "Openssl" for product "Openssl" and version " >= 3.0.0 < 3.0.3"
-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
9.0
Search vendor "Debian" for product "Debian Linux" and version "9.0"
-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
10.0
Search vendor "Debian" for product "Debian Linux" and version "10.0"
-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
11.0
Search vendor "Debian" for product "Debian Linux" and version "11.0"
-
Affected
Netapp
Search vendor "Netapp"
Active Iq Unified Manager
Search vendor "Netapp" for product "Active Iq Unified Manager"
-vmware_vsphere
Affected
Netapp
Search vendor "Netapp"
Active Iq Unified Manager
Search vendor "Netapp" for product "Active Iq Unified Manager"
-vsphere
Affected
Netapp
Search vendor "Netapp"
Active Iq Unified Manager
Search vendor "Netapp" for product "Active Iq Unified Manager"
-windows
Affected
Netapp
Search vendor "Netapp"
Clustered Data Ontap
Search vendor "Netapp" for product "Clustered Data Ontap"
--
Affected
Netapp
Search vendor "Netapp"
Clustered Data Ontap Antivirus Connector
Search vendor "Netapp" for product "Clustered Data Ontap Antivirus Connector"
--
Affected
Netapp
Search vendor "Netapp"
Oncommand Insight
Search vendor "Netapp" for product "Oncommand Insight"
--
Affected
Netapp
Search vendor "Netapp"
Oncommand Workflow Automation
Search vendor "Netapp" for product "Oncommand Workflow Automation"
--
Affected
Netapp
Search vendor "Netapp"
Santricity Smi-s Provider
Search vendor "Netapp" for product "Santricity Smi-s Provider"
--
Affected
Netapp
Search vendor "Netapp"
Smi-s Provider
Search vendor "Netapp" for product "Smi-s Provider"
--
Affected
Netapp
Search vendor "Netapp"
Snapcenter
Search vendor "Netapp" for product "Snapcenter"
--
Affected
Netapp
Search vendor "Netapp"
Snapmanager
Search vendor "Netapp" for product "Snapmanager"
-hyper-v
Affected
Netapp
Search vendor "Netapp"
Solidfire\, Enterprise Sds \& Hci Storage Node
Search vendor "Netapp" for product "Solidfire\, Enterprise Sds \& Hci Storage Node"
--
Affected
Netapp
Search vendor "Netapp"
Solidfire \& Hci Management Node
Search vendor "Netapp" for product "Solidfire \& Hci Management Node"
--
Affected
Oracle
Search vendor "Oracle"
Enterprise Manager Ops Center
Search vendor "Oracle" for product "Enterprise Manager Ops Center"
12.4.0.0
Search vendor "Oracle" for product "Enterprise Manager Ops Center" and version "12.4.0.0"
-
Affected
Oracle
Search vendor "Oracle"
Mysql Server
Search vendor "Oracle" for product "Mysql Server"
>= 5.0.0 <= 5.7.38
Search vendor "Oracle" for product "Mysql Server" and version " >= 5.0.0 <= 5.7.38"
-
Affected
Oracle
Search vendor "Oracle"
Mysql Server
Search vendor "Oracle" for product "Mysql Server"
>= 8.0.0 <= 8.0.29
Search vendor "Oracle" for product "Mysql Server" and version " >= 8.0.0 <= 8.0.29"
-
Affected
Oracle
Search vendor "Oracle"
Mysql Workbench
Search vendor "Oracle" for product "Mysql Workbench"
<= 8.0.29
Search vendor "Oracle" for product "Mysql Workbench" and version " <= 8.0.29"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
Fedora
Search vendor "Fedoraproject" for product "Fedora"
35
Search vendor "Fedoraproject" for product "Fedora" and version "35"
-
Affected
Fedoraproject
Search vendor "Fedoraproject"
Fedora
Search vendor "Fedoraproject" for product "Fedora"
36
Search vendor "Fedoraproject" for product "Fedora" and version "36"
-
Affected