CVE-2022-4039 - OpenCVE

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Openshift Container Platform For Linuxone Openshift Container Platform Enterprise Linux Openshift Container Platform For Power Openshift Container Platform For Ibm Z Single Sign-on

Configuration 1 [-]

cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:a:redhat:openshift_container_platform:4.9:::::::*
	cpe:2.3:a:redhat:openshift_container_platform:4.10:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.9:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.10:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.9:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.10:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_power:4.9:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:::::::*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

References

Link	Resource
https://access.redhat.com/errata/RHSA-2023:1047	Vendor Advisory
https://access.redhat.com/security/cve/CVE-2022-4039	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2143416	Issue Tracking Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2023-09-22T14:00:39.803Z

Updated: 2024-05-03T15:32:26.579Z

Reserved: 2022-11-16T21:32:53.153Z

Link: CVE-2022-4039

JSON object: View

NVD Information

Status : Modified

Published: 2023-09-22T15:15:09.847

Modified: 2023-11-07T03:56:46.790

Link: CVE-2022-4039

JSON object: View

Redhat Information

No data.

CWE

CWE-276

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2022-4039", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2022-11-16T21:32:53.153Z", "datePublished": "2023-09-22T14:00:39.803Z", "dateUpdated": "2024-05-03T15:32:26.579Z"}, "containers": {"cna": {"title": "Rhsso-container-image: unsecured management interface exposed to adjecent network", "metrics": [{"other": {"content": {"value": "Important", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration."}], "affected": [{"vendor": "Red Hat", "product": "RHEL-8 based Middleware Containers", "collectionURL": "https://catalog.redhat.com/software/containers/", "packageName": "rh-sso-7/sso76-openshift-rhel8", "defaultStatus": "affected", "versions": [{"version": "7.6-20", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhosemc:1.0::el8"]}, {"vendor": "Red Hat", "product": "Red Hat Single Sign-On 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhsso-container-image", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:red_hat_single_sign_on:7"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2023:1047", "name": "RHSA-2023:1047", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2022-4039", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143416", "name": "RHBZ#2143416", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2023-02-28T21:26:00+00:00", "problemTypes": [{"descriptions": [{"cweId": "CWE-276", "description": "Incorrect Default Permissions", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-276: Incorrect Default Permissions", "timeline": [{"lang": "en", "time": "2022-11-15T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-02-28T21:26:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "This issue was discovered by Thibault Guittet (Red Hat)."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-05-03T15:32:26.579Z"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "81609549-25CE-4C8A-9DE3-170D23704208", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.10:*:*:*:*:*:*:*", "matchCriteriaId": "0595C9F8-9C7A-4FC1-B7EE-52978A1B1E93", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "01B0F191-ADDB-4AAE-A5C5-5CC16909E64A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.10:*:*:*:*:*:*:*", "matchCriteriaId": "FD75BCB4-F0E1-4C05-A2D7-001503C805C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "B02036DD-4489-480B-B7D4-4EB08952377B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.10:*:*:*:*:*:*:*", "matchCriteriaId": "C7E78C55-45B6-4E01-9773-D3468F8EA9C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "30E2CF79-2D56-48AB-952E-5DDAFE471073", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:*:*:*:*:*:*:*", "matchCriteriaId": "54E24055-813B-4E6D-94B7-FAD5F78B8537", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en Red Hat Single Sign-On para im\u00e1genes de contenedores OpenShift, que est\u00e1n configuradas con una interfaz de administraci\u00f3n no segura habilitada. Esta falla permite a un atacante usar esta interfaz para implementar c\u00f3digo malicioso y acceder y modificar informaci\u00f3n potencialmente sensible en la configuraci\u00f3n del servidor de aplicaciones."}], "id": "CVE-2022-4039", "lastModified": "2023-11-07T03:56:46.790", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2023-09-22T15:15:09.847", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2023:1047"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2022-4039"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2143416"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-276"}], "source": "secalert@redhat.com", "type": "Secondary"}]}