Multiple vulnerabilities in Red Hat Advanced Cluster Management for Kubernetes 2.4
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 20 |
| CVE-ID | CVE-2022-0235 CVE-2022-21803 CVE-2021-43565 CVE-2022-0536 CVE-2022-24771 CVE-2021-23555 CVE-2022-0613 CVE-2022-1365 CVE-2022-24772 CVE-2022-24785 CVE-2022-24723 CVE-2022-24773 CVE-2022-0155 CVE-2022-24450 CVE-2018-25032 CVE-2021-4028 CVE-2021-4115 CVE-2022-1154 CVE-2022-1271 CVE-2022-25636 |
| CWE-ID | CWE-200 CWE-20 CWE-347 CWE-284 CWE-639 CWE-863 CWE-22 CWE-119 CWE-416 CWE-400 CWE-122 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #17 is available. Public exploit code for vulnerability #20 is available. |
| Vulnerable software |
Red Hat Advanced Cluster Management for Kubernetes Server applications / Other server solutions |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 20 vulnerabilities.
1) Information disclosure
EUVDB-ID: #VU61471
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-0235
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the application follows the "Location" HTTP header redirect and passes authorization cookie to a third-party resource. A remote attacker can gain access to sensitive information.
MitigationInstall updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU64696
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-21803
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to modify files on the system.
The vulnerability exists due to .set() function that is responsible for setting the configuration properties is vulnerable to Prototype Pollution. A remote attacker can provide a specially crafted property, leading to prototype object pollution.
MitigationInstall updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Input validation error
EUVDB-ID: #VU64805
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2021-43565
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when parsing a Signer to ServerConfig.AddHostKey in cases where the Signer passed to AddHostKey does not implement AlgorithmSigner or the Signer passed to AddHostKey returns a key of type “ssh-rsa” from its PublicKey method. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU61668
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-0536
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Improper Verification of Cryptographic Signature
EUVDB-ID: #VU65749
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-24771
CWE-ID:
CWE-347 - Improper Verification of Cryptographic Signature
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restrictions.
The vulnerability exists due to a improper signature verification when checking the digestAlgorithm structure. A remote unauthenticated attacker can use a specially-crafted structure to steal padding bytes and use unchecked portion of the PKCS#1 encoded message to exploit this vulnerability and forge a signature when a low public exponent is being used.
MitigationInstall updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Improper access control
EUVDB-ID: #VU70543
Risk: High
CVSSv4.0: 6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2021-23555
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to sandbox bypass via direct access to host error objects generated by node internals during generation of a stacktraces. A remote attacker can execute arbitrary code on the target system.
Install updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Authorization bypass through user-controlled key
EUVDB-ID: #VU66815
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-0613
CWE-ID:
CWE-639 - Authorization Bypass Through User-Controlled Key
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to the application.
The vulnerability exists due to missing access checks. A remote attacker can manipulate values in the request to gain unauthorized access to the application.
Install updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Incorrect authorization
EUVDB-ID: #VU66071
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-1365
CWE-ID:
CWE-863 - Incorrect Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to exposure of sensitive information due to insecure following of redirects. A remote attacker can force the application to redirect to a malicious website and gain access to authorization cookie.
Install updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Improper Verification of Cryptographic Signature
EUVDB-ID: #VU66758
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-24772
CWE-ID:
CWE-347 - Improper Verification of Cryptographic Signature
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to incorrect RSA PKCS#1 v1.5 signature verification caused by a missing check or tailing garbage bytes after decoding a `DigestInfo` ASN.1 structure. A remote attacker can forge a signature and perform a man-in-the-middle (MitM) attack.
Install updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Path traversal
EUVDB-ID: #VU62463
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-24785
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences within the npm version of Moment.js. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.
MitigationInstall updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Input validation error
EUVDB-ID: #VU69644
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-24723
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to modify application behavior.
The vulnerability exists due to insufficient validation of user-supplied input when handling whitespace characters in URL. A remote attacker can pass specially crafted input to the application and modify application behavior.
MitigationInstall updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Improper Verification of Cryptographic Signature
EUVDB-ID: #VU65780
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-24773
CWE-ID:
CWE-347 - Improper Verification of Cryptographic Signature
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to signature verification code does not properly check `DigestInfo` for a proper ASN.1 structure. A remote unauthenticated attacker can get a successful verification with signatures that contain invalid structures but a valid digest
MitigationInstall updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Information disclosure
EUVDB-ID: #VU61669
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-0155
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Incorrect authorization
EUVDB-ID: #VU64698
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-24450
CWE-ID:
CWE-863 - Incorrect Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to misusing the "dynamically provisioned sandbox accounts" feature. A remote user can take advantage of its valid account and switch over to another existing account without further authentication to obtain the privileges of the System account.
Install updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Buffer overflow
EUVDB-ID: #VU61671
Risk: Medium
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2018-25032
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when compressing data. A remote attacker can pass specially crafted input to the application, trigger memory corruption and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Use-after-free
EUVDB-ID: #VU60797
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-4028
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error in the RDMA listen()
function in Linux kernel. A local user can run a specially crafted program to trigger a use-after-free error and execute arbitrary code with elevated privileges.
Install updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Resource exhaustion
EUVDB-ID: #VU61268
Risk: Low
CVSSv4.0: 5.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2021-4115
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to process file descriptor exhaustion in polkit. A local user can perform a denial of service (DoS) attack.
Install updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
18) Use-after-free
EUVDB-ID: #VU61763
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2022-1154
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the utf_ptr2char() function in regexp_bt.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Input validation error
EUVDB-ID: #VU62002
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2022-1271
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to insufficient validation when processing filenames with two or more newlines. A remote attacker can force zgrep or xzgrep to write arbitrary files on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise the affected system.
Install updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Heap-based buffer overflow
EUVDB-ID: #VU61271
Risk: Low
CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2022-25636
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in net/netfilter/nf_dup_netdev.c in the Linux kernel, related to nf_tables_offload. A local user can trigger a heap-based buffer overflow and execute arbitrary code with elevated privileges.
Install updates from vendor's website.
Red Hat Advanced Cluster Management for Kubernetes: before 2.4.4
CPE2.3 External linkshttps://access.redhat.com/errata/RHSA-2022:1681
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
