Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.10
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 7 |
| CVE-ID | CVE-2021-21684 CVE-2022-0532 CVE-2014-3577 CVE-2021-41190 CVE-2021-44717 CVE-2021-44716 CVE-2012-6153 |
| CWE-ID | CWE-79 CWE-732 CWE-295 CWE-843 CWE-400 CWE-20 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
openshift-ansible (Red Hat package) Operating systems & Components / Operating system package or component toolbox (Red Hat package) Operating systems & Components / Operating system package or component skopeo (Red Hat package) Operating systems & Components / Operating system package or component rust-bootupd (Red Hat package) Operating systems & Components / Operating system package or component rust-afterburn (Red Hat package) Operating systems & Components / Operating system package or component runc (Red Hat package) Operating systems & Components / Operating system package or component redhat-release-coreos (Red Hat package) Operating systems & Components / Operating system package or component python-tooz (Red Hat package) Operating systems & Components / Operating system package or component python-sushy-oem-idrac (Red Hat package) Operating systems & Components / Operating system package or component python-sushy (Red Hat package) Operating systems & Components / Operating system package or component python-stevedore (Red Hat package) Operating systems & Components / Operating system package or component python-scciclient (Red Hat package) Operating systems & Components / Operating system package or component python-proliantutils (Red Hat package) Operating systems & Components / Operating system package or component python-pbr (Red Hat package) Operating systems & Components / Operating system package or component python-oslo-utils (Red Hat package) Operating systems & Components / Operating system package or component python-oslo-upgradecheck (Red Hat package) Operating systems & Components / Operating system package or component python-oslo-service (Red Hat package) Operating systems & Components / Operating system package or component python-oslo-serialization (Red Hat package) Operating systems & Components / Operating system package or component python-oslo-policy (Red Hat package) Operating systems & Components / Operating system package or component python-oslo-metrics (Red Hat package) Operating systems & Components / Operating system package or component python-oslo-messaging (Red Hat package) Operating systems & Components / Operating system package or component python-oslo-log (Red Hat package) Operating systems & Components / Operating system package or component python-oslo-i18n (Red Hat package) Operating systems & Components / Operating system package or component python-oslo-db (Red Hat package) Operating systems & Components / Operating system package or component python-oslo-context (Red Hat package) Operating systems & Components / Operating system package or component python-oslo-config (Red Hat package) Operating systems & Components / Operating system package or component python-oslo-concurrency (Red Hat package) Operating systems & Components / Operating system package or component python-osc-lib (Red Hat package) Operating systems & Components / Operating system package or component python-openstacksdk (Red Hat package) Operating systems & Components / Operating system package or component python-keystoneauth1 (Red Hat package) Operating systems & Components / Operating system package or component python-ironicclient (Red Hat package) Operating systems & Components / Operating system package or component python-ironic-prometheus-exporter (Red Hat package) Operating systems & Components / Operating system package or component python-ironic-lib (Red Hat package) Operating systems & Components / Operating system package or component python-hardware (Red Hat package) Operating systems & Components / Operating system package or component python-dracclient (Red Hat package) Operating systems & Components / Operating system package or component python-debtcollector (Red Hat package) Operating systems & Components / Operating system package or component python-cliff (Red Hat package) Operating systems & Components / Operating system package or component python-cachetools (Red Hat package) Operating systems & Components / Operating system package or component python-autopage (Red Hat package) Operating systems & Components / Operating system package or component podman (Red Hat package) Operating systems & Components / Operating system package or component ovn21.09 (Red Hat package) Operating systems & Components / Operating system package or component ovn-2021 (Red Hat package) Operating systems & Components / Operating system package or component openvswitch2.16 (Red Hat package) Operating systems & Components / Operating system package or component openstack-ironic-python-agent (Red Hat package) Operating systems & Components / Operating system package or component openstack-ironic-inspector (Red Hat package) Operating systems & Components / Operating system package or component openstack-ironic (Red Hat package) Operating systems & Components / Operating system package or component openshift-kuryr (Red Hat package) Operating systems & Components / Operating system package or component openshift-clients (Red Hat package) Operating systems & Components / Operating system package or component openshift (Red Hat package) Operating systems & Components / Operating system package or component kata-containers (Red Hat package) Operating systems & Components / Operating system package or component jenkins (Red Hat package) Operating systems & Components / Operating system package or component jenkins-2-plugins (Red Hat package) Operating systems & Components / Operating system package or component ignition (Red Hat package) Operating systems & Components / Operating system package or component haproxy (Red Hat package) Operating systems & Components / Operating system package or component fuse-overlayfs (Red Hat package) Operating systems & Components / Operating system package or component crun (Red Hat package) Operating systems & Components / Operating system package or component cri-tools (Red Hat package) Operating systems & Components / Operating system package or component cri-o (Red Hat package) Operating systems & Components / Operating system package or component coreos-installer (Red Hat package) Operating systems & Components / Operating system package or component containers-common (Red Hat package) Operating systems & Components / Operating system package or component containernetworking-plugins (Red Hat package) Operating systems & Components / Operating system package or component console-login-helper-messages (Red Hat package) Operating systems & Components / Operating system package or component butane (Red Hat package) Operating systems & Components / Operating system package or component buildah (Red Hat package) Operating systems & Components / Operating system package or component atomic-openshift-service-idler (Red Hat package) Operating systems & Components / Operating system package or component ovn21.12 (Red Hat package) Operating systems & Components / Operating system package or component Red Hat OpenShift Container Platform Client/Desktop applications / Software for system administration |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 7 vulnerabilities.
1) Stored cross-site scripting
EUVDB-ID: #VU57149
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-21684
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
openshift-ansible (Red Hat package): before 4.10.0-202202110258.p0.g25af5a6.assembly.stream.el7
toolbox (Red Hat package): before 0.0.8-4.rhaos4.10.el8
skopeo (Red Hat package): before 1.2.2-1.rhaos4.10.el8
rust-bootupd (Red Hat package): before 0.2.5-3.rhaos4.10.el8
rust-afterburn (Red Hat package): before 5.2.0-1.rhaos4.10.el8
runc (Red Hat package): before 1.0.1-3.rhaos4.10.git4144b63.el7
redhat-release-coreos (Red Hat package): before 410.84-2.el8
python-tooz (Red Hat package): before 2.9.0-0.20211012145018.174065f.el8
python-sushy-oem-idrac (Red Hat package): before 3.0.2-0.20211011174039.9733d23.el8
python-sushy (Red Hat package): before 4.0.0-0.20211209155954.45d24d4.el8
python-stevedore (Red Hat package): before 3.4.0-0.20211012153718.8846a3f.el8
python-scciclient (Red Hat package): before 0.11.1-0.20211208154124.a84332b.el8
python-proliantutils (Red Hat package): before 2.12.2-0.20211210161243.500f518.el8
python-pbr (Red Hat package): before 5.5.1-1.el8ost
python-oslo-utils (Red Hat package): before 4.10.0-0.20211012164840.2c74bb9.el8
python-oslo-upgradecheck (Red Hat package): before 1.4.0-0.20211012144915.3ca8698.el8
python-oslo-service (Red Hat package): before 2.6.0-0.20211012154519.091fd65.el8
python-oslo-serialization (Red Hat package): before 4.2.0-0.20211012151454.2b94a4f.el8
python-oslo-policy (Red Hat package): before 3.8.2-0.20211012161944.c7fd9f4.el8
python-oslo-metrics (Red Hat package): before 0.3.0-0.20211020174122.43eee50.el8
python-oslo-messaging (Red Hat package): before 12.9.1-0.20211020204149.f9de265.el8
python-oslo-log (Red Hat package): before 4.6.0-0.20211012154701.41c8807.el8
python-oslo-i18n (Red Hat package): before 5.1.0-0.20211012165753.b031d17.el8
python-oslo-db (Red Hat package): before 9.1.0-0.20211020204148.be2cc6a.el8
python-oslo-context (Red Hat package): before 3.3.1-0.20211012152439.641a1e0.el8
python-oslo-config (Red Hat package): before 8.7.1-0.20211012155707.1a7bd66.el8
python-oslo-concurrency (Red Hat package): before 4.4.1-0.20211012150632.8e08400.el8
python-osc-lib (Red Hat package): before 2.4.2-0.20211012163041.415a6c7.el8
python-openstacksdk (Red Hat package): before 0.59.0-0.20211012172340.d0d4d8b.el8
python-keystoneauth1 (Red Hat package): before 4.4.0-0.20211012144044.112bcae.el8
python-ironicclient (Red Hat package): before 4.9.0-0.20211209154934.6f1be06.el8
python-ironic-prometheus-exporter (Red Hat package): before 3.1.0-0.20211130174057.d25ba32.el8
python-ironic-lib (Red Hat package): before 5.1.0-0.20211209154936.731e2f9.el8
python-hardware (Red Hat package): before 0.29.0-0.20211122094056.7662a1d.el8
python-dracclient (Red Hat package): before 7.0.0-0.20211012182751.d26664e.el8
python-debtcollector (Red Hat package): before 2.3.0-0.20211012161119.0bf5bf5.el8
python-cliff (Red Hat package): before 3.9.0-0.20211020191737.734bc0c.el8
python-cachetools (Red Hat package): before 3.1.0-2.el8ost
python-autopage (Red Hat package): before 0.4.0-1.el8
podman (Red Hat package): before 3.0.1-7.rhaos4.10.el8
ovn21.09 (Red Hat package): before 21.09.0-22.el8fdp
ovn-2021 (Red Hat package): before 21.12.0-15.el8fdp
openvswitch2.16 (Red Hat package): before 2.16.0-33.el8fdp
openstack-ironic-python-agent (Red Hat package): before 8.3.1-0.20220105174059.d2d3cd6.el8
openstack-ironic-inspector (Red Hat package): before 10.9.1-0.20220117094044.19e2592.el8
openstack-ironic (Red Hat package): before 19.0.1-0.20220120204037.438b8af.el8
openshift-kuryr (Red Hat package): before 4.10.0-202202160023.p0.ge77f917.assembly.stream.el8
openshift-clients (Red Hat package): before 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7
openshift (Red Hat package): before 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7
kata-containers (Red Hat package): before 2.3.0-3.el8
jenkins (Red Hat package): before 2.319.2.1643288987-1.el8
jenkins-2-plugins (Red Hat package): before 4.10.1643404185-1.el8
ignition (Red Hat package): before 2.13.0-2.rhaos4.10.el8
haproxy (Red Hat package): before 2.2.19-1.el8
fuse-overlayfs (Red Hat package): before 1.4.0-1.rhaos4.10.el8
crun (Red Hat package): before 1.4.2-1.rhaos4.10.el8
cri-tools (Red Hat package): before 1.23.0-1.el7
cri-o (Red Hat package): before 1.23.0-92.rhaos4.10.gitdaab4d1.el7
coreos-installer (Red Hat package): before 0.12.0-1.rhaos4.10.el8
containers-common (Red Hat package): before 1-16.rhaos4.10.el8
containernetworking-plugins (Red Hat package): before 0.9.1-1.rhaos4.10.el8
console-login-helper-messages (Red Hat package): before 0.20.3-1.rhaos4.10.el8
butane (Red Hat package): before 0.14.0-1.rhaos4.10.el8
buildah (Red Hat package): before 1.19.7-1.el8
atomic-openshift-service-idler (Red Hat package): before 4.10.0-202202160023.p0.g39cfc66.assembly.stream.el8
Red Hat OpenShift Container Platform: before 4.10.3
ovn21.12 (Red Hat package): before 21.12.0-25.el8fdp
CPE2.3- cpe:2.3:o:red_hat:openshift-ansible_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:toolbox_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:skopeo_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:rust-bootupd_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:rust-afterburn_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:runc_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:redhat-release-coreos_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-tooz_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-sushy-oem-idrac_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-sushy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-stevedore_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-scciclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-proliantutils_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-pbr_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-utils_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-upgradecheck_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-service_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-serialization_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-policy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-metrics_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-messaging_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-log_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-i18n_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-db_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-context_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-config_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-concurrency_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-osc-lib_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-openstacksdk_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-keystoneauth1_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironicclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironic-prometheus-exporter_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironic-lib_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-hardware_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-dracclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-debtcollector_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-cliff_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-cachetools_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-autopage_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:podman_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn21.09_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn-2021_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openvswitch2.16_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic-python-agent_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic-inspector_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift-kuryr_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift-clients_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:kata-containers_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:jenkins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:jenkins-2-plugins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ignition_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:haproxy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:fuse-overlayfs_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:crun_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:cri-tools_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:cri-o_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:coreos-installer_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:containers-common_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:containernetworking-plugins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:console-login-helper-messages_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:butane_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:buildah_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:atomic-openshift-service-idler_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:red_hat_openshift_container_platform:*:*:*:*:*:*:*:*
- cpe:2.3:o:red_hat:ovn21.12_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
https://access.redhat.com/errata/RHSA-2022:0055
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Incorrect permission assignment for critical resource
EUVDB-ID: #VU68299
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-0532
CWE-ID:
CWE-732 - Incorrect Permission Assignment for Critical Resource
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to incorrect sysctls validation in CRI-O. The sysctls from the list of "safe" sysctls specified for the cluster will be applied to the host if an attacker is able to create a pod with a hostIPC and hostNetwork kernel namespace.
MitigationInstall updates from vendor's website.
openshift-ansible (Red Hat package): before 4.10.0-202202110258.p0.g25af5a6.assembly.stream.el7
toolbox (Red Hat package): before 0.0.8-4.rhaos4.10.el8
skopeo (Red Hat package): before 1.2.2-1.rhaos4.10.el8
rust-bootupd (Red Hat package): before 0.2.5-3.rhaos4.10.el8
rust-afterburn (Red Hat package): before 5.2.0-1.rhaos4.10.el8
runc (Red Hat package): before 1.0.1-3.rhaos4.10.git4144b63.el7
redhat-release-coreos (Red Hat package): before 410.84-2.el8
python-tooz (Red Hat package): before 2.9.0-0.20211012145018.174065f.el8
python-sushy-oem-idrac (Red Hat package): before 3.0.2-0.20211011174039.9733d23.el8
python-sushy (Red Hat package): before 4.0.0-0.20211209155954.45d24d4.el8
python-stevedore (Red Hat package): before 3.4.0-0.20211012153718.8846a3f.el8
python-scciclient (Red Hat package): before 0.11.1-0.20211208154124.a84332b.el8
python-proliantutils (Red Hat package): before 2.12.2-0.20211210161243.500f518.el8
python-pbr (Red Hat package): before 5.5.1-1.el8ost
python-oslo-utils (Red Hat package): before 4.10.0-0.20211012164840.2c74bb9.el8
python-oslo-upgradecheck (Red Hat package): before 1.4.0-0.20211012144915.3ca8698.el8
python-oslo-service (Red Hat package): before 2.6.0-0.20211012154519.091fd65.el8
python-oslo-serialization (Red Hat package): before 4.2.0-0.20211012151454.2b94a4f.el8
python-oslo-policy (Red Hat package): before 3.8.2-0.20211012161944.c7fd9f4.el8
python-oslo-metrics (Red Hat package): before 0.3.0-0.20211020174122.43eee50.el8
python-oslo-messaging (Red Hat package): before 12.9.1-0.20211020204149.f9de265.el8
python-oslo-log (Red Hat package): before 4.6.0-0.20211012154701.41c8807.el8
python-oslo-i18n (Red Hat package): before 5.1.0-0.20211012165753.b031d17.el8
python-oslo-db (Red Hat package): before 9.1.0-0.20211020204148.be2cc6a.el8
python-oslo-context (Red Hat package): before 3.3.1-0.20211012152439.641a1e0.el8
python-oslo-config (Red Hat package): before 8.7.1-0.20211012155707.1a7bd66.el8
python-oslo-concurrency (Red Hat package): before 4.4.1-0.20211012150632.8e08400.el8
python-osc-lib (Red Hat package): before 2.4.2-0.20211012163041.415a6c7.el8
python-openstacksdk (Red Hat package): before 0.59.0-0.20211012172340.d0d4d8b.el8
python-keystoneauth1 (Red Hat package): before 4.4.0-0.20211012144044.112bcae.el8
python-ironicclient (Red Hat package): before 4.9.0-0.20211209154934.6f1be06.el8
python-ironic-prometheus-exporter (Red Hat package): before 3.1.0-0.20211130174057.d25ba32.el8
python-ironic-lib (Red Hat package): before 5.1.0-0.20211209154936.731e2f9.el8
python-hardware (Red Hat package): before 0.29.0-0.20211122094056.7662a1d.el8
python-dracclient (Red Hat package): before 7.0.0-0.20211012182751.d26664e.el8
python-debtcollector (Red Hat package): before 2.3.0-0.20211012161119.0bf5bf5.el8
python-cliff (Red Hat package): before 3.9.0-0.20211020191737.734bc0c.el8
python-cachetools (Red Hat package): before 3.1.0-2.el8ost
python-autopage (Red Hat package): before 0.4.0-1.el8
podman (Red Hat package): before 3.0.1-7.rhaos4.10.el8
ovn21.09 (Red Hat package): before 21.09.0-22.el8fdp
ovn-2021 (Red Hat package): before 21.12.0-15.el8fdp
openvswitch2.16 (Red Hat package): before 2.16.0-33.el8fdp
openstack-ironic-python-agent (Red Hat package): before 8.3.1-0.20220105174059.d2d3cd6.el8
openstack-ironic-inspector (Red Hat package): before 10.9.1-0.20220117094044.19e2592.el8
openstack-ironic (Red Hat package): before 19.0.1-0.20220120204037.438b8af.el8
openshift-kuryr (Red Hat package): before 4.10.0-202202160023.p0.ge77f917.assembly.stream.el8
openshift-clients (Red Hat package): before 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7
openshift (Red Hat package): before 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7
kata-containers (Red Hat package): before 2.3.0-3.el8
jenkins (Red Hat package): before 2.319.2.1643288987-1.el8
jenkins-2-plugins (Red Hat package): before 4.10.1643404185-1.el8
ignition (Red Hat package): before 2.13.0-2.rhaos4.10.el8
haproxy (Red Hat package): before 2.2.19-1.el8
fuse-overlayfs (Red Hat package): before 1.4.0-1.rhaos4.10.el8
crun (Red Hat package): before 1.4.2-1.rhaos4.10.el8
cri-tools (Red Hat package): before 1.23.0-1.el7
cri-o (Red Hat package): before 1.23.0-92.rhaos4.10.gitdaab4d1.el7
coreos-installer (Red Hat package): before 0.12.0-1.rhaos4.10.el8
containers-common (Red Hat package): before 1-16.rhaos4.10.el8
containernetworking-plugins (Red Hat package): before 0.9.1-1.rhaos4.10.el8
console-login-helper-messages (Red Hat package): before 0.20.3-1.rhaos4.10.el8
butane (Red Hat package): before 0.14.0-1.rhaos4.10.el8
buildah (Red Hat package): before 1.19.7-1.el8
atomic-openshift-service-idler (Red Hat package): before 4.10.0-202202160023.p0.g39cfc66.assembly.stream.el8
Red Hat OpenShift Container Platform: before 4.10.3
ovn21.12 (Red Hat package): before 21.12.0-25.el8fdp
CPE2.3- cpe:2.3:o:red_hat:openshift-ansible_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:toolbox_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:skopeo_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:rust-bootupd_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:rust-afterburn_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:runc_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:redhat-release-coreos_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-tooz_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-sushy-oem-idrac_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-sushy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-stevedore_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-scciclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-proliantutils_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-pbr_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-utils_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-upgradecheck_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-service_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-serialization_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-policy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-metrics_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-messaging_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-log_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-i18n_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-db_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-context_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-config_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-concurrency_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-osc-lib_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-openstacksdk_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-keystoneauth1_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironicclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironic-prometheus-exporter_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironic-lib_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-hardware_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-dracclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-debtcollector_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-cliff_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-cachetools_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-autopage_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:podman_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn21.09_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn-2021_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openvswitch2.16_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic-python-agent_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic-inspector_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift-kuryr_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift-clients_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:kata-containers_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:jenkins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:jenkins-2-plugins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ignition_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:haproxy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:fuse-overlayfs_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:crun_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:cri-tools_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:cri-o_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:coreos-installer_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:containers-common_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:containernetworking-plugins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:console-login-helper-messages_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:butane_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:buildah_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:atomic-openshift-service-idler_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn21.12_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
https://access.redhat.com/errata/RHSA-2022:0055
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Improper Certificate Validation
EUVDB-ID: #VU57150
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2014-3577
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to improper certificate validation. A remote attacker can perform a man-in-the-middle (MitM) attack and spoof SSL servers via a "CN=" string in a field in the distinguished name (DN) of a certificate.
MitigationInstall updates from vendor's website.
openshift-ansible (Red Hat package): before 4.10.0-202202110258.p0.g25af5a6.assembly.stream.el7
toolbox (Red Hat package): before 0.0.8-4.rhaos4.10.el8
skopeo (Red Hat package): before 1.2.2-1.rhaos4.10.el8
rust-bootupd (Red Hat package): before 0.2.5-3.rhaos4.10.el8
rust-afterburn (Red Hat package): before 5.2.0-1.rhaos4.10.el8
runc (Red Hat package): before 1.0.1-3.rhaos4.10.git4144b63.el7
redhat-release-coreos (Red Hat package): before 410.84-2.el8
python-tooz (Red Hat package): before 2.9.0-0.20211012145018.174065f.el8
python-sushy-oem-idrac (Red Hat package): before 3.0.2-0.20211011174039.9733d23.el8
python-sushy (Red Hat package): before 4.0.0-0.20211209155954.45d24d4.el8
python-stevedore (Red Hat package): before 3.4.0-0.20211012153718.8846a3f.el8
python-scciclient (Red Hat package): before 0.11.1-0.20211208154124.a84332b.el8
python-proliantutils (Red Hat package): before 2.12.2-0.20211210161243.500f518.el8
python-pbr (Red Hat package): before 5.5.1-1.el8ost
python-oslo-utils (Red Hat package): before 4.10.0-0.20211012164840.2c74bb9.el8
python-oslo-upgradecheck (Red Hat package): before 1.4.0-0.20211012144915.3ca8698.el8
python-oslo-service (Red Hat package): before 2.6.0-0.20211012154519.091fd65.el8
python-oslo-serialization (Red Hat package): before 4.2.0-0.20211012151454.2b94a4f.el8
python-oslo-policy (Red Hat package): before 3.8.2-0.20211012161944.c7fd9f4.el8
python-oslo-metrics (Red Hat package): before 0.3.0-0.20211020174122.43eee50.el8
python-oslo-messaging (Red Hat package): before 12.9.1-0.20211020204149.f9de265.el8
python-oslo-log (Red Hat package): before 4.6.0-0.20211012154701.41c8807.el8
python-oslo-i18n (Red Hat package): before 5.1.0-0.20211012165753.b031d17.el8
python-oslo-db (Red Hat package): before 9.1.0-0.20211020204148.be2cc6a.el8
python-oslo-context (Red Hat package): before 3.3.1-0.20211012152439.641a1e0.el8
python-oslo-config (Red Hat package): before 8.7.1-0.20211012155707.1a7bd66.el8
python-oslo-concurrency (Red Hat package): before 4.4.1-0.20211012150632.8e08400.el8
python-osc-lib (Red Hat package): before 2.4.2-0.20211012163041.415a6c7.el8
python-openstacksdk (Red Hat package): before 0.59.0-0.20211012172340.d0d4d8b.el8
python-keystoneauth1 (Red Hat package): before 4.4.0-0.20211012144044.112bcae.el8
python-ironicclient (Red Hat package): before 4.9.0-0.20211209154934.6f1be06.el8
python-ironic-prometheus-exporter (Red Hat package): before 3.1.0-0.20211130174057.d25ba32.el8
python-ironic-lib (Red Hat package): before 5.1.0-0.20211209154936.731e2f9.el8
python-hardware (Red Hat package): before 0.29.0-0.20211122094056.7662a1d.el8
python-dracclient (Red Hat package): before 7.0.0-0.20211012182751.d26664e.el8
python-debtcollector (Red Hat package): before 2.3.0-0.20211012161119.0bf5bf5.el8
python-cliff (Red Hat package): before 3.9.0-0.20211020191737.734bc0c.el8
python-cachetools (Red Hat package): before 3.1.0-2.el8ost
python-autopage (Red Hat package): before 0.4.0-1.el8
podman (Red Hat package): before 3.0.1-7.rhaos4.10.el8
ovn21.09 (Red Hat package): before 21.09.0-22.el8fdp
ovn-2021 (Red Hat package): before 21.12.0-15.el8fdp
openvswitch2.16 (Red Hat package): before 2.16.0-33.el8fdp
openstack-ironic-python-agent (Red Hat package): before 8.3.1-0.20220105174059.d2d3cd6.el8
openstack-ironic-inspector (Red Hat package): before 10.9.1-0.20220117094044.19e2592.el8
openstack-ironic (Red Hat package): before 19.0.1-0.20220120204037.438b8af.el8
openshift-kuryr (Red Hat package): before 4.10.0-202202160023.p0.ge77f917.assembly.stream.el8
openshift-clients (Red Hat package): before 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7
openshift (Red Hat package): before 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7
kata-containers (Red Hat package): before 2.3.0-3.el8
jenkins (Red Hat package): before 2.319.2.1643288987-1.el8
jenkins-2-plugins (Red Hat package): before 4.10.1643404185-1.el8
ignition (Red Hat package): before 2.13.0-2.rhaos4.10.el8
haproxy (Red Hat package): before 2.2.19-1.el8
fuse-overlayfs (Red Hat package): before 1.4.0-1.rhaos4.10.el8
crun (Red Hat package): before 1.4.2-1.rhaos4.10.el8
cri-tools (Red Hat package): before 1.23.0-1.el7
cri-o (Red Hat package): before 1.23.0-92.rhaos4.10.gitdaab4d1.el7
coreos-installer (Red Hat package): before 0.12.0-1.rhaos4.10.el8
containers-common (Red Hat package): before 1-16.rhaos4.10.el8
containernetworking-plugins (Red Hat package): before 0.9.1-1.rhaos4.10.el8
console-login-helper-messages (Red Hat package): before 0.20.3-1.rhaos4.10.el8
butane (Red Hat package): before 0.14.0-1.rhaos4.10.el8
buildah (Red Hat package): before 1.19.7-1.el8
atomic-openshift-service-idler (Red Hat package): before 4.10.0-202202160023.p0.g39cfc66.assembly.stream.el8
Red Hat OpenShift Container Platform: before 4.10.3
ovn21.12 (Red Hat package): before 21.12.0-25.el8fdp
CPE2.3- cpe:2.3:o:red_hat:openshift-ansible_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:toolbox_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:skopeo_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:rust-bootupd_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:rust-afterburn_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:runc_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:redhat-release-coreos_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-tooz_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-sushy-oem-idrac_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-sushy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-stevedore_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-scciclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-proliantutils_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-pbr_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-utils_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-upgradecheck_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-service_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-serialization_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-policy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-metrics_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-messaging_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-log_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-i18n_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-db_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-context_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-config_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-concurrency_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-osc-lib_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-openstacksdk_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-keystoneauth1_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironicclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironic-prometheus-exporter_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironic-lib_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-hardware_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-dracclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-debtcollector_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-cliff_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-cachetools_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-autopage_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:podman_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn21.09_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn-2021_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openvswitch2.16_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic-python-agent_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic-inspector_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift-kuryr_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift-clients_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:kata-containers_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:jenkins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:jenkins-2-plugins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ignition_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:haproxy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:fuse-overlayfs_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:crun_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:cri-tools_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:cri-o_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:coreos-installer_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:containers-common_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:containernetworking-plugins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:console-login-helper-messages_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:butane_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:buildah_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:atomic-openshift-service-idler_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn21.12_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
https://access.redhat.com/errata/RHSA-2022:0055
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Type Confusion
EUVDB-ID: #VU58229
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-41190
CWE-ID:
CWE-843 - Type confusion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the system.
The vulnerability exists due to a type confusion error. A remote authenticated attacker can pass specially crafted data to the application, trigger a type confusion error and interpret the resulting content differently.
MitigationInstall updates from vendor's website.
openshift-ansible (Red Hat package): before 4.10.0-202202110258.p0.g25af5a6.assembly.stream.el7
toolbox (Red Hat package): before 0.0.8-4.rhaos4.10.el8
skopeo (Red Hat package): before 1.2.2-1.rhaos4.10.el8
rust-bootupd (Red Hat package): before 0.2.5-3.rhaos4.10.el8
rust-afterburn (Red Hat package): before 5.2.0-1.rhaos4.10.el8
runc (Red Hat package): before 1.0.1-3.rhaos4.10.git4144b63.el7
redhat-release-coreos (Red Hat package): before 410.84-2.el8
python-tooz (Red Hat package): before 2.9.0-0.20211012145018.174065f.el8
python-sushy-oem-idrac (Red Hat package): before 3.0.2-0.20211011174039.9733d23.el8
python-sushy (Red Hat package): before 4.0.0-0.20211209155954.45d24d4.el8
python-stevedore (Red Hat package): before 3.4.0-0.20211012153718.8846a3f.el8
python-scciclient (Red Hat package): before 0.11.1-0.20211208154124.a84332b.el8
python-proliantutils (Red Hat package): before 2.12.2-0.20211210161243.500f518.el8
python-pbr (Red Hat package): before 5.5.1-1.el8ost
python-oslo-utils (Red Hat package): before 4.10.0-0.20211012164840.2c74bb9.el8
python-oslo-upgradecheck (Red Hat package): before 1.4.0-0.20211012144915.3ca8698.el8
python-oslo-service (Red Hat package): before 2.6.0-0.20211012154519.091fd65.el8
python-oslo-serialization (Red Hat package): before 4.2.0-0.20211012151454.2b94a4f.el8
python-oslo-policy (Red Hat package): before 3.8.2-0.20211012161944.c7fd9f4.el8
python-oslo-metrics (Red Hat package): before 0.3.0-0.20211020174122.43eee50.el8
python-oslo-messaging (Red Hat package): before 12.9.1-0.20211020204149.f9de265.el8
python-oslo-log (Red Hat package): before 4.6.0-0.20211012154701.41c8807.el8
python-oslo-i18n (Red Hat package): before 5.1.0-0.20211012165753.b031d17.el8
python-oslo-db (Red Hat package): before 9.1.0-0.20211020204148.be2cc6a.el8
python-oslo-context (Red Hat package): before 3.3.1-0.20211012152439.641a1e0.el8
python-oslo-config (Red Hat package): before 8.7.1-0.20211012155707.1a7bd66.el8
python-oslo-concurrency (Red Hat package): before 4.4.1-0.20211012150632.8e08400.el8
python-osc-lib (Red Hat package): before 2.4.2-0.20211012163041.415a6c7.el8
python-openstacksdk (Red Hat package): before 0.59.0-0.20211012172340.d0d4d8b.el8
python-keystoneauth1 (Red Hat package): before 4.4.0-0.20211012144044.112bcae.el8
python-ironicclient (Red Hat package): before 4.9.0-0.20211209154934.6f1be06.el8
python-ironic-prometheus-exporter (Red Hat package): before 3.1.0-0.20211130174057.d25ba32.el8
python-ironic-lib (Red Hat package): before 5.1.0-0.20211209154936.731e2f9.el8
python-hardware (Red Hat package): before 0.29.0-0.20211122094056.7662a1d.el8
python-dracclient (Red Hat package): before 7.0.0-0.20211012182751.d26664e.el8
python-debtcollector (Red Hat package): before 2.3.0-0.20211012161119.0bf5bf5.el8
python-cliff (Red Hat package): before 3.9.0-0.20211020191737.734bc0c.el8
python-cachetools (Red Hat package): before 3.1.0-2.el8ost
python-autopage (Red Hat package): before 0.4.0-1.el8
podman (Red Hat package): before 3.0.1-7.rhaos4.10.el8
ovn21.09 (Red Hat package): before 21.09.0-22.el8fdp
ovn-2021 (Red Hat package): before 21.12.0-15.el8fdp
openvswitch2.16 (Red Hat package): before 2.16.0-33.el8fdp
openstack-ironic-python-agent (Red Hat package): before 8.3.1-0.20220105174059.d2d3cd6.el8
openstack-ironic-inspector (Red Hat package): before 10.9.1-0.20220117094044.19e2592.el8
openstack-ironic (Red Hat package): before 19.0.1-0.20220120204037.438b8af.el8
openshift-kuryr (Red Hat package): before 4.10.0-202202160023.p0.ge77f917.assembly.stream.el8
openshift-clients (Red Hat package): before 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7
openshift (Red Hat package): before 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7
kata-containers (Red Hat package): before 2.3.0-3.el8
jenkins (Red Hat package): before 2.319.2.1643288987-1.el8
jenkins-2-plugins (Red Hat package): before 4.10.1643404185-1.el8
ignition (Red Hat package): before 2.13.0-2.rhaos4.10.el8
haproxy (Red Hat package): before 2.2.19-1.el8
fuse-overlayfs (Red Hat package): before 1.4.0-1.rhaos4.10.el8
crun (Red Hat package): before 1.4.2-1.rhaos4.10.el8
cri-tools (Red Hat package): before 1.23.0-1.el7
cri-o (Red Hat package): before 1.23.0-92.rhaos4.10.gitdaab4d1.el7
coreos-installer (Red Hat package): before 0.12.0-1.rhaos4.10.el8
containers-common (Red Hat package): before 1-16.rhaos4.10.el8
containernetworking-plugins (Red Hat package): before 0.9.1-1.rhaos4.10.el8
console-login-helper-messages (Red Hat package): before 0.20.3-1.rhaos4.10.el8
butane (Red Hat package): before 0.14.0-1.rhaos4.10.el8
buildah (Red Hat package): before 1.19.7-1.el8
atomic-openshift-service-idler (Red Hat package): before 4.10.0-202202160023.p0.g39cfc66.assembly.stream.el8
Red Hat OpenShift Container Platform: before 4.10.3
ovn21.12 (Red Hat package): before 21.12.0-25.el8fdp
CPE2.3- cpe:2.3:o:red_hat:openshift-ansible_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:toolbox_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:skopeo_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:rust-bootupd_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:rust-afterburn_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:runc_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:redhat-release-coreos_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-tooz_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-sushy-oem-idrac_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-sushy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-stevedore_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-scciclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-proliantutils_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-pbr_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-utils_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-upgradecheck_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-service_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-serialization_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-policy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-metrics_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-messaging_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-log_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-i18n_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-db_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-context_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-config_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-concurrency_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-osc-lib_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-openstacksdk_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-keystoneauth1_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironicclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironic-prometheus-exporter_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironic-lib_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-hardware_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-dracclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-debtcollector_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-cliff_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-cachetools_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-autopage_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:podman_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn21.09_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn-2021_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openvswitch2.16_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic-python-agent_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic-inspector_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift-kuryr_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift-clients_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:kata-containers_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:jenkins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:jenkins-2-plugins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ignition_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:haproxy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:fuse-overlayfs_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:crun_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:cri-tools_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:cri-o_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:coreos-installer_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:containers-common_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:containernetworking-plugins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:console-login-helper-messages_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:butane_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:buildah_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:atomic-openshift-service-idler_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn21.12_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
https://access.redhat.com/errata/RHSA-2022:0055
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Resource exhaustion
EUVDB-ID: #VU59042
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-44717
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when processing HTTP/2 requests. A remote attacker can send multiple HTTP/2 requests to the server and exhaust all available memory resources.
Install updates from vendor's website.
openshift-ansible (Red Hat package): before 4.10.0-202202110258.p0.g25af5a6.assembly.stream.el7
toolbox (Red Hat package): before 0.0.8-4.rhaos4.10.el8
skopeo (Red Hat package): before 1.2.2-1.rhaos4.10.el8
rust-bootupd (Red Hat package): before 0.2.5-3.rhaos4.10.el8
rust-afterburn (Red Hat package): before 5.2.0-1.rhaos4.10.el8
runc (Red Hat package): before 1.0.1-3.rhaos4.10.git4144b63.el7
redhat-release-coreos (Red Hat package): before 410.84-2.el8
python-tooz (Red Hat package): before 2.9.0-0.20211012145018.174065f.el8
python-sushy-oem-idrac (Red Hat package): before 3.0.2-0.20211011174039.9733d23.el8
python-sushy (Red Hat package): before 4.0.0-0.20211209155954.45d24d4.el8
python-stevedore (Red Hat package): before 3.4.0-0.20211012153718.8846a3f.el8
python-scciclient (Red Hat package): before 0.11.1-0.20211208154124.a84332b.el8
python-proliantutils (Red Hat package): before 2.12.2-0.20211210161243.500f518.el8
python-pbr (Red Hat package): before 5.5.1-1.el8ost
python-oslo-utils (Red Hat package): before 4.10.0-0.20211012164840.2c74bb9.el8
python-oslo-upgradecheck (Red Hat package): before 1.4.0-0.20211012144915.3ca8698.el8
python-oslo-service (Red Hat package): before 2.6.0-0.20211012154519.091fd65.el8
python-oslo-serialization (Red Hat package): before 4.2.0-0.20211012151454.2b94a4f.el8
python-oslo-policy (Red Hat package): before 3.8.2-0.20211012161944.c7fd9f4.el8
python-oslo-metrics (Red Hat package): before 0.3.0-0.20211020174122.43eee50.el8
python-oslo-messaging (Red Hat package): before 12.9.1-0.20211020204149.f9de265.el8
python-oslo-log (Red Hat package): before 4.6.0-0.20211012154701.41c8807.el8
python-oslo-i18n (Red Hat package): before 5.1.0-0.20211012165753.b031d17.el8
python-oslo-db (Red Hat package): before 9.1.0-0.20211020204148.be2cc6a.el8
python-oslo-context (Red Hat package): before 3.3.1-0.20211012152439.641a1e0.el8
python-oslo-config (Red Hat package): before 8.7.1-0.20211012155707.1a7bd66.el8
python-oslo-concurrency (Red Hat package): before 4.4.1-0.20211012150632.8e08400.el8
python-osc-lib (Red Hat package): before 2.4.2-0.20211012163041.415a6c7.el8
python-openstacksdk (Red Hat package): before 0.59.0-0.20211012172340.d0d4d8b.el8
python-keystoneauth1 (Red Hat package): before 4.4.0-0.20211012144044.112bcae.el8
python-ironicclient (Red Hat package): before 4.9.0-0.20211209154934.6f1be06.el8
python-ironic-prometheus-exporter (Red Hat package): before 3.1.0-0.20211130174057.d25ba32.el8
python-ironic-lib (Red Hat package): before 5.1.0-0.20211209154936.731e2f9.el8
python-hardware (Red Hat package): before 0.29.0-0.20211122094056.7662a1d.el8
python-dracclient (Red Hat package): before 7.0.0-0.20211012182751.d26664e.el8
python-debtcollector (Red Hat package): before 2.3.0-0.20211012161119.0bf5bf5.el8
python-cliff (Red Hat package): before 3.9.0-0.20211020191737.734bc0c.el8
python-cachetools (Red Hat package): before 3.1.0-2.el8ost
python-autopage (Red Hat package): before 0.4.0-1.el8
podman (Red Hat package): before 3.0.1-7.rhaos4.10.el8
ovn21.09 (Red Hat package): before 21.09.0-22.el8fdp
ovn-2021 (Red Hat package): before 21.12.0-15.el8fdp
openvswitch2.16 (Red Hat package): before 2.16.0-33.el8fdp
openstack-ironic-python-agent (Red Hat package): before 8.3.1-0.20220105174059.d2d3cd6.el8
openstack-ironic-inspector (Red Hat package): before 10.9.1-0.20220117094044.19e2592.el8
openstack-ironic (Red Hat package): before 19.0.1-0.20220120204037.438b8af.el8
openshift-kuryr (Red Hat package): before 4.10.0-202202160023.p0.ge77f917.assembly.stream.el8
openshift-clients (Red Hat package): before 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7
openshift (Red Hat package): before 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7
kata-containers (Red Hat package): before 2.3.0-3.el8
jenkins (Red Hat package): before 2.319.2.1643288987-1.el8
jenkins-2-plugins (Red Hat package): before 4.10.1643404185-1.el8
ignition (Red Hat package): before 2.13.0-2.rhaos4.10.el8
haproxy (Red Hat package): before 2.2.19-1.el8
fuse-overlayfs (Red Hat package): before 1.4.0-1.rhaos4.10.el8
crun (Red Hat package): before 1.4.2-1.rhaos4.10.el8
cri-tools (Red Hat package): before 1.23.0-1.el7
cri-o (Red Hat package): before 1.23.0-92.rhaos4.10.gitdaab4d1.el7
coreos-installer (Red Hat package): before 0.12.0-1.rhaos4.10.el8
containers-common (Red Hat package): before 1-16.rhaos4.10.el8
containernetworking-plugins (Red Hat package): before 0.9.1-1.rhaos4.10.el8
console-login-helper-messages (Red Hat package): before 0.20.3-1.rhaos4.10.el8
butane (Red Hat package): before 0.14.0-1.rhaos4.10.el8
buildah (Red Hat package): before 1.19.7-1.el8
atomic-openshift-service-idler (Red Hat package): before 4.10.0-202202160023.p0.g39cfc66.assembly.stream.el8
Red Hat OpenShift Container Platform: before 4.10.3
ovn21.12 (Red Hat package): before 21.12.0-25.el8fdp
CPE2.3- cpe:2.3:o:red_hat:openshift-ansible_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:toolbox_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:skopeo_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:rust-bootupd_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:rust-afterburn_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:runc_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:redhat-release-coreos_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-tooz_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-sushy-oem-idrac_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-sushy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-stevedore_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-scciclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-proliantutils_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-pbr_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-utils_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-upgradecheck_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-service_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-serialization_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-policy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-metrics_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-messaging_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-log_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-i18n_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-db_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-context_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-config_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-concurrency_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-osc-lib_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-openstacksdk_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-keystoneauth1_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironicclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironic-prometheus-exporter_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironic-lib_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-hardware_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-dracclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-debtcollector_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-cliff_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-cachetools_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-autopage_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:podman_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn21.09_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn-2021_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openvswitch2.16_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic-python-agent_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic-inspector_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift-kuryr_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift-clients_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:kata-containers_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:jenkins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:jenkins-2-plugins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ignition_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:haproxy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:fuse-overlayfs_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:crun_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:cri-tools_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:cri-o_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:coreos-installer_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:containers-common_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:containernetworking-plugins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:console-login-helper-messages_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:butane_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:buildah_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:atomic-openshift-service-idler_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn21.12_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
https://access.redhat.com/errata/RHSA-2022:0055
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Input validation error
EUVDB-ID: #VU58824
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-44716
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
openshift-ansible (Red Hat package): before 4.10.0-202202110258.p0.g25af5a6.assembly.stream.el7
toolbox (Red Hat package): before 0.0.8-4.rhaos4.10.el8
skopeo (Red Hat package): before 1.2.2-1.rhaos4.10.el8
rust-bootupd (Red Hat package): before 0.2.5-3.rhaos4.10.el8
rust-afterburn (Red Hat package): before 5.2.0-1.rhaos4.10.el8
runc (Red Hat package): before 1.0.1-3.rhaos4.10.git4144b63.el7
redhat-release-coreos (Red Hat package): before 410.84-2.el8
python-tooz (Red Hat package): before 2.9.0-0.20211012145018.174065f.el8
python-sushy-oem-idrac (Red Hat package): before 3.0.2-0.20211011174039.9733d23.el8
python-sushy (Red Hat package): before 4.0.0-0.20211209155954.45d24d4.el8
python-stevedore (Red Hat package): before 3.4.0-0.20211012153718.8846a3f.el8
python-scciclient (Red Hat package): before 0.11.1-0.20211208154124.a84332b.el8
python-proliantutils (Red Hat package): before 2.12.2-0.20211210161243.500f518.el8
python-pbr (Red Hat package): before 5.5.1-1.el8ost
python-oslo-utils (Red Hat package): before 4.10.0-0.20211012164840.2c74bb9.el8
python-oslo-upgradecheck (Red Hat package): before 1.4.0-0.20211012144915.3ca8698.el8
python-oslo-service (Red Hat package): before 2.6.0-0.20211012154519.091fd65.el8
python-oslo-serialization (Red Hat package): before 4.2.0-0.20211012151454.2b94a4f.el8
python-oslo-policy (Red Hat package): before 3.8.2-0.20211012161944.c7fd9f4.el8
python-oslo-metrics (Red Hat package): before 0.3.0-0.20211020174122.43eee50.el8
python-oslo-messaging (Red Hat package): before 12.9.1-0.20211020204149.f9de265.el8
python-oslo-log (Red Hat package): before 4.6.0-0.20211012154701.41c8807.el8
python-oslo-i18n (Red Hat package): before 5.1.0-0.20211012165753.b031d17.el8
python-oslo-db (Red Hat package): before 9.1.0-0.20211020204148.be2cc6a.el8
python-oslo-context (Red Hat package): before 3.3.1-0.20211012152439.641a1e0.el8
python-oslo-config (Red Hat package): before 8.7.1-0.20211012155707.1a7bd66.el8
python-oslo-concurrency (Red Hat package): before 4.4.1-0.20211012150632.8e08400.el8
python-osc-lib (Red Hat package): before 2.4.2-0.20211012163041.415a6c7.el8
python-openstacksdk (Red Hat package): before 0.59.0-0.20211012172340.d0d4d8b.el8
python-keystoneauth1 (Red Hat package): before 4.4.0-0.20211012144044.112bcae.el8
python-ironicclient (Red Hat package): before 4.9.0-0.20211209154934.6f1be06.el8
python-ironic-prometheus-exporter (Red Hat package): before 3.1.0-0.20211130174057.d25ba32.el8
python-ironic-lib (Red Hat package): before 5.1.0-0.20211209154936.731e2f9.el8
python-hardware (Red Hat package): before 0.29.0-0.20211122094056.7662a1d.el8
python-dracclient (Red Hat package): before 7.0.0-0.20211012182751.d26664e.el8
python-debtcollector (Red Hat package): before 2.3.0-0.20211012161119.0bf5bf5.el8
python-cliff (Red Hat package): before 3.9.0-0.20211020191737.734bc0c.el8
python-cachetools (Red Hat package): before 3.1.0-2.el8ost
python-autopage (Red Hat package): before 0.4.0-1.el8
podman (Red Hat package): before 3.0.1-7.rhaos4.10.el8
ovn21.09 (Red Hat package): before 21.09.0-22.el8fdp
ovn-2021 (Red Hat package): before 21.12.0-15.el8fdp
openvswitch2.16 (Red Hat package): before 2.16.0-33.el8fdp
openstack-ironic-python-agent (Red Hat package): before 8.3.1-0.20220105174059.d2d3cd6.el8
openstack-ironic-inspector (Red Hat package): before 10.9.1-0.20220117094044.19e2592.el8
openstack-ironic (Red Hat package): before 19.0.1-0.20220120204037.438b8af.el8
openshift-kuryr (Red Hat package): before 4.10.0-202202160023.p0.ge77f917.assembly.stream.el8
openshift-clients (Red Hat package): before 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7
openshift (Red Hat package): before 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7
kata-containers (Red Hat package): before 2.3.0-3.el8
jenkins (Red Hat package): before 2.319.2.1643288987-1.el8
jenkins-2-plugins (Red Hat package): before 4.10.1643404185-1.el8
ignition (Red Hat package): before 2.13.0-2.rhaos4.10.el8
haproxy (Red Hat package): before 2.2.19-1.el8
fuse-overlayfs (Red Hat package): before 1.4.0-1.rhaos4.10.el8
crun (Red Hat package): before 1.4.2-1.rhaos4.10.el8
cri-tools (Red Hat package): before 1.23.0-1.el7
cri-o (Red Hat package): before 1.23.0-92.rhaos4.10.gitdaab4d1.el7
coreos-installer (Red Hat package): before 0.12.0-1.rhaos4.10.el8
containers-common (Red Hat package): before 1-16.rhaos4.10.el8
containernetworking-plugins (Red Hat package): before 0.9.1-1.rhaos4.10.el8
console-login-helper-messages (Red Hat package): before 0.20.3-1.rhaos4.10.el8
butane (Red Hat package): before 0.14.0-1.rhaos4.10.el8
buildah (Red Hat package): before 1.19.7-1.el8
atomic-openshift-service-idler (Red Hat package): before 4.10.0-202202160023.p0.g39cfc66.assembly.stream.el8
Red Hat OpenShift Container Platform: before 4.10.3
ovn21.12 (Red Hat package): before 21.12.0-25.el8fdp
CPE2.3- cpe:2.3:o:red_hat:openshift-ansible_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:toolbox_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:skopeo_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:rust-bootupd_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:rust-afterburn_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:runc_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:redhat-release-coreos_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-tooz_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-sushy-oem-idrac_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-sushy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-stevedore_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-scciclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-proliantutils_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-pbr_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-utils_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-upgradecheck_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-service_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-serialization_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-policy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-metrics_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-messaging_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-log_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-i18n_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-db_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-context_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-config_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-concurrency_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-osc-lib_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-openstacksdk_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-keystoneauth1_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironicclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironic-prometheus-exporter_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironic-lib_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-hardware_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-dracclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-debtcollector_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-cliff_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-cachetools_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-autopage_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:podman_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn21.09_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn-2021_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openvswitch2.16_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic-python-agent_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic-inspector_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift-kuryr_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift-clients_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:kata-containers_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:jenkins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:jenkins-2-plugins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ignition_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:haproxy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:fuse-overlayfs_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:crun_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:cri-tools_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:cri-o_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:coreos-installer_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:containers-common_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:containernetworking-plugins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:console-login-helper-messages_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:butane_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:buildah_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:atomic-openshift-service-idler_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn21.12_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
https://access.redhat.com/errata/RHSA-2022:0055
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Input validation error
EUVDB-ID: #VU77628
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2012-6153
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to modify files on the system.
The vulnerability exists due to Apache Commons HttpClient does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate. A remote attacker can pass specially crafted input to the application and modify files on the system.
MitigationInstall updates from vendor's website.
openshift-ansible (Red Hat package): before 4.10.0-202202110258.p0.g25af5a6.assembly.stream.el7
toolbox (Red Hat package): before 0.0.8-4.rhaos4.10.el8
skopeo (Red Hat package): before 1.2.2-1.rhaos4.10.el8
rust-bootupd (Red Hat package): before 0.2.5-3.rhaos4.10.el8
rust-afterburn (Red Hat package): before 5.2.0-1.rhaos4.10.el8
runc (Red Hat package): before 1.0.1-3.rhaos4.10.git4144b63.el7
redhat-release-coreos (Red Hat package): before 410.84-2.el8
python-tooz (Red Hat package): before 2.9.0-0.20211012145018.174065f.el8
python-sushy-oem-idrac (Red Hat package): before 3.0.2-0.20211011174039.9733d23.el8
python-sushy (Red Hat package): before 4.0.0-0.20211209155954.45d24d4.el8
python-stevedore (Red Hat package): before 3.4.0-0.20211012153718.8846a3f.el8
python-scciclient (Red Hat package): before 0.11.1-0.20211208154124.a84332b.el8
python-proliantutils (Red Hat package): before 2.12.2-0.20211210161243.500f518.el8
python-pbr (Red Hat package): before 5.5.1-1.el8ost
python-oslo-utils (Red Hat package): before 4.10.0-0.20211012164840.2c74bb9.el8
python-oslo-upgradecheck (Red Hat package): before 1.4.0-0.20211012144915.3ca8698.el8
python-oslo-service (Red Hat package): before 2.6.0-0.20211012154519.091fd65.el8
python-oslo-serialization (Red Hat package): before 4.2.0-0.20211012151454.2b94a4f.el8
python-oslo-policy (Red Hat package): before 3.8.2-0.20211012161944.c7fd9f4.el8
python-oslo-metrics (Red Hat package): before 0.3.0-0.20211020174122.43eee50.el8
python-oslo-messaging (Red Hat package): before 12.9.1-0.20211020204149.f9de265.el8
python-oslo-log (Red Hat package): before 4.6.0-0.20211012154701.41c8807.el8
python-oslo-i18n (Red Hat package): before 5.1.0-0.20211012165753.b031d17.el8
python-oslo-db (Red Hat package): before 9.1.0-0.20211020204148.be2cc6a.el8
python-oslo-context (Red Hat package): before 3.3.1-0.20211012152439.641a1e0.el8
python-oslo-config (Red Hat package): before 8.7.1-0.20211012155707.1a7bd66.el8
python-oslo-concurrency (Red Hat package): before 4.4.1-0.20211012150632.8e08400.el8
python-osc-lib (Red Hat package): before 2.4.2-0.20211012163041.415a6c7.el8
python-openstacksdk (Red Hat package): before 0.59.0-0.20211012172340.d0d4d8b.el8
python-keystoneauth1 (Red Hat package): before 4.4.0-0.20211012144044.112bcae.el8
python-ironicclient (Red Hat package): before 4.9.0-0.20211209154934.6f1be06.el8
python-ironic-prometheus-exporter (Red Hat package): before 3.1.0-0.20211130174057.d25ba32.el8
python-ironic-lib (Red Hat package): before 5.1.0-0.20211209154936.731e2f9.el8
python-hardware (Red Hat package): before 0.29.0-0.20211122094056.7662a1d.el8
python-dracclient (Red Hat package): before 7.0.0-0.20211012182751.d26664e.el8
python-debtcollector (Red Hat package): before 2.3.0-0.20211012161119.0bf5bf5.el8
python-cliff (Red Hat package): before 3.9.0-0.20211020191737.734bc0c.el8
python-cachetools (Red Hat package): before 3.1.0-2.el8ost
python-autopage (Red Hat package): before 0.4.0-1.el8
podman (Red Hat package): before 3.0.1-7.rhaos4.10.el8
ovn21.09 (Red Hat package): before 21.09.0-22.el8fdp
ovn-2021 (Red Hat package): before 21.12.0-15.el8fdp
openvswitch2.16 (Red Hat package): before 2.16.0-33.el8fdp
openstack-ironic-python-agent (Red Hat package): before 8.3.1-0.20220105174059.d2d3cd6.el8
openstack-ironic-inspector (Red Hat package): before 10.9.1-0.20220117094044.19e2592.el8
openstack-ironic (Red Hat package): before 19.0.1-0.20220120204037.438b8af.el8
openshift-kuryr (Red Hat package): before 4.10.0-202202160023.p0.ge77f917.assembly.stream.el8
openshift-clients (Red Hat package): before 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7
openshift (Red Hat package): before 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7
kata-containers (Red Hat package): before 2.3.0-3.el8
jenkins (Red Hat package): before 2.319.2.1643288987-1.el8
jenkins-2-plugins (Red Hat package): before 4.10.1643404185-1.el8
ignition (Red Hat package): before 2.13.0-2.rhaos4.10.el8
haproxy (Red Hat package): before 2.2.19-1.el8
fuse-overlayfs (Red Hat package): before 1.4.0-1.rhaos4.10.el8
crun (Red Hat package): before 1.4.2-1.rhaos4.10.el8
cri-tools (Red Hat package): before 1.23.0-1.el7
cri-o (Red Hat package): before 1.23.0-92.rhaos4.10.gitdaab4d1.el7
coreos-installer (Red Hat package): before 0.12.0-1.rhaos4.10.el8
containers-common (Red Hat package): before 1-16.rhaos4.10.el8
containernetworking-plugins (Red Hat package): before 0.9.1-1.rhaos4.10.el8
console-login-helper-messages (Red Hat package): before 0.20.3-1.rhaos4.10.el8
butane (Red Hat package): before 0.14.0-1.rhaos4.10.el8
buildah (Red Hat package): before 1.19.7-1.el8
atomic-openshift-service-idler (Red Hat package): before 4.10.0-202202160023.p0.g39cfc66.assembly.stream.el8
Red Hat OpenShift Container Platform: before 4.10.3
ovn21.12 (Red Hat package): before 21.12.0-25.el8fdp
CPE2.3- cpe:2.3:o:red_hat:openshift-ansible_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:toolbox_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:skopeo_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:rust-bootupd_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:rust-afterburn_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:runc_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:redhat-release-coreos_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-tooz_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-sushy-oem-idrac_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-sushy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-stevedore_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-scciclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-proliantutils_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-pbr_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-utils_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-upgradecheck_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-service_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-serialization_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-policy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-metrics_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-messaging_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-log_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-i18n_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-db_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-context_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-config_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-oslo-concurrency_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-osc-lib_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-openstacksdk_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-keystoneauth1_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironicclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironic-prometheus-exporter_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-ironic-lib_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-hardware_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-dracclient_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-debtcollector_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-cliff_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-cachetools_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:python-autopage_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:podman_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn21.09_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn-2021_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openvswitch2.16_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic-python-agent_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic-inspector_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openstack-ironic_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift-kuryr_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift-clients_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:openshift_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:kata-containers_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:jenkins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:jenkins-2-plugins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ignition_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:haproxy_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:fuse-overlayfs_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:crun_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:cri-tools_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:cri-o_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:coreos-installer_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:containers-common_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:containernetworking-plugins_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:console-login-helper-messages_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:butane_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:buildah_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:atomic-openshift-service-idler_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:o:red_hat:ovn21.12_redhat_package:*:*:*:*:*:red_hat_enterprise_linux:*:*
https://access.redhat.com/errata/RHSA-2022:0055
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
