CVE-2022-2447

A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected.

CVSS v3 6.6 MEDIUM

6.6^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.7 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2022-2447	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2105419	Exploit Issue Tracking Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:openstack:keystone:-:*:*:*:*:*:*:*

OR	cpe:2.3:a:redhat:openstack:16.1:::::::*
	cpe:2.3:a:redhat:openstack:16.2:-::::::

Configuration 2 (hide)

OR	cpe:2.3:a:redhat:openstack_platform:16.1:::::::*
	cpe:2.3:a:redhat:openstack_platform:16.2:::::::*
	cpe:2.3:a:redhat:quay:3.0.0:::::::*
	cpe:2.3:a:redhat:storage:3.0:::::::*

History

No history.

Information

Published : 2022-09-01 21:15

Updated : 2024-02-28 19:29

NVD link : CVE-2022-2447

Mitre link : CVE-2022-2447

CVE.ORG link : CVE-2022-2447

JSON object : View

Products Affected

redhat

openstack_platform
openstack
quay
storage

openstack

keystone

CWE

CWE-672

Operation on a Resource after Expiration or Release

CWE-324

Use of a Key Past its Expiration Date

{"id": "CVE-2022-2447", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.6, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.7}]}, "published": "2022-09-01T21:15:09.547", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2022-2447", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2105419", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-672"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-324"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in Keystone. There is a time lag (up to one hour in a default configuration) between when security policy says a token should be revoked from when it is actually revoked. This could allow a remote administrator to secretly maintain access for longer than expected."}, {"lang": "es", "value": "Se ha encontrado un fallo en Keystone. Hay un desfase (de hasta una hora en una configuraci\u00f3n por defecto) entre el momento en que la pol\u00edtica de seguridad dice que un token debe ser revocado y el momento en que realmente lo es. Esto podr\u00eda permitir a un administrador remoto mantener secretamente el acceso durante m\u00e1s tiempo del esperado"}], "lastModified": "2022-10-01T02:29:47.277", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openstack:keystone:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "568B4FBB-D454-47AA-83BC-D625114FEF49"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack:16.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C9D3F4FF-AD3D-4D17-93E8-84CAFCED2F59"}, {"criteria": "cpe:2.3:a:redhat:openstack:16.2:-:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FFE398FE-EE7C-4B64-ABB6-24697E047C85"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73"}, {"criteria": "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8"}, {"criteria": "cpe:2.3:a:redhat:quay:3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1987BDA-0113-4603-B9BE-76647EB043F2"}, {"criteria": "cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "379A5883-F6DF-41F5-9403-8D17F6605737"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}