#VU68719 Improper Authentication in PKI - CVE-2022-2393

Cybersecurity Help s.r.o.

Published: 2022-10-25

Vulnerability identifier: #VU68719

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2022-2393

CWE-ID: CWE-287

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
PKI
Universal components / Libraries / Libraries used by multiple products

Vendor: Dogtag

Description

The vulnerability allows a remote user to bypass authentication process.

The vulnerability exists due to an error in in the certificate validation when directory-based authentication is enabled. A remote user on the local network can impersonate another user within the scope of the domain.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

PKI: 10.5.0 - 10.5.18

External links
https://bugzilla.redhat.com/show_bug.cgi?id=2101046

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Red Hat Enterprise Linux 8.6 Extended Update Support update for the pki-core:10.6 module

Red Hat Enterprise Linux 9 update for pki-core

Multiple vulnerabilities in Oracle Linux

Anolis OS update for pki-core

Red Hat Enterprise Linux 7 update for pki-core

Red Hat Certificate System update for pki-core

Improper authentication in Dogtag PKI

Multiple vulnerabilities in Oracle Linux