CVE-2022-2393

A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content.

CVSS v3 5.7 MEDIUM

5.7^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.1 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2101046	Issue Tracking Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:pki-core_project:pki-core:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:redhat:certificate_system:9.0:::::::*
	cpe:2.3:a:redhat:certificate_system:10.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*

History

30 Jun 2023, 18:53

Type	Values Removed	Values Added
CWE	~~CWE-285~~	NVD-CWE-Other

Information

Published : 2022-07-14 15:15

Updated : 2024-02-28 19:29

NVD link : CVE-2022-2393

Mitre link : CVE-2022-2393

CVE.ORG link : CVE-2022-2393

JSON object : View

Products Affected

pki-core_project

pki-core

redhat

enterprise_linux
certificate_system

CWE

NVD-CWE-Other CWE-285

Improper Authorization

{"id": "CVE-2022-2393", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.7, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.1}]}, "published": "2022-07-14T15:15:08.133", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101046", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-285"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content."}, {"lang": "es", "value": "Se ha encontrado un fallo en pki-core, que podr\u00eda permitir a un usuario conseguir un certificado para otra identidad de usuario cuando la autenticaci\u00f3n basada en el directorio est\u00e1 habilitada. Este fallo permite a un atacante autenticado en la red adyacente hacerse pasar por otro usuario dentro del \u00e1mbito del dominio, pero no podr\u00eda descifrar el contenido de los mensajes"}], "lastModified": "2023-06-30T18:53:57.827", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pki-core_project:pki-core:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "025D479C-A4CB-442E-9A89-005CF4567026", "versionEndIncluding": "10.12.4"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:certificate_system:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F53A5C24-3524-4DC1-B3C8-5D86055BD7A0"}, {"criteria": "cpe:2.3:a:redhat:certificate_system:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95575E40-9DB8-43CB-B667-46803DAE501F"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}