{"containers": {"cna": {"affected": [{"product": "pki-core", "vendor": "n/a", "versions": [{"status": "affected", "version": "pki-core versions 10.12.4 and prior are affected."}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-285", "description": "CWE-285", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-07-14T14:53:46", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101046"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T00:39:07.715Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101046"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2022-2393", "datePublished": "2022-07-14T14:53:46", "dateReserved": "2022-07-12T00:00:00", "dateUpdated": "2024-08-03T00:39:07.715Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pki-core_project:pki-core:*:*:*:*:*:*:*:*", "matchCriteriaId": "025D479C-A4CB-442E-9A89-005CF4567026", "versionEndIncluding": "10.12.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:certificate_system:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F53A5C24-3524-4DC1-B3C8-5D86055BD7A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:certificate_system:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "95575E40-9DB8-43CB-B667-46803DAE501F", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content."}, {"lang": "es", "value": "Se ha encontrado un fallo en pki-core, que podr\u00eda permitir a un usuario conseguir un certificado para otra identidad de usuario cuando la autenticaci\u00f3n basada en el directorio est\u00e1 habilitada. Este fallo permite a un atacante autenticado en la red adyacente hacerse pasar por otro usuario dentro del \u00e1mbito del dominio, pero no podr\u00eda descifrar el contenido de los mensajes"}], "id": "CVE-2022-2393", "lastModified": "2024-11-21T07:00:54.100", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 5.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-07-14T15:15:08.133", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101046"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101046"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-285"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Tim Bielawa (Red Hat, Inc.).", "affected_release": [{"advisory": "RHSA-2022:7077", "cpe": "cpe:/a:redhat:certificate_system:9.7::el7", "package": "pki-core-0:10.5.18-23.el7pki", "product_name": "Red Hat Certificate System 9.7", "release_date": "2022-10-24T00:00:00Z"}, {"advisory": "RHSA-2022:7086", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "pki-core-0:10.5.18-23.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2022-10-24T00:00:00Z"}, {"advisory": "RHSA-2023:3394", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "pki-core:10.6-8060020230411223433.60523a7b", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2023-05-31T00:00:00Z"}, {"advisory": "RHSA-2023:2293", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "pki-core-0:11.3.0-1.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}], "bugzilla": {"description": "pki-core: When using the caServerKeygen_DirUserCert profile, user can get certificates for other UIDs by entering name in Subject field", "id": "2101046", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2101046"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.6", "cvss3_scoring_vector": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N", "status": "verified"}, "cwe": "CWE-287", "details": ["A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content.", "A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content."], "mitigation": {"lang": "en:us", "value": "This flaw is not exposed if directory-based authentication is not enabled. It is not enabled by default."}, "name": "CVE-2022-2393", "package_state": [{"cpe": "cpe:/a:redhat:certificate_system:10", "fix_state": "Affected", "package_name": "redhat-pki:10/pki-core", "product_name": "Red Hat Certificate System 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "pki-core", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "pki-core:10.6/pki-core", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2022-07-12T17:25:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-2393\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-2393"], "statement": "This flaw is rated Moderate because the configuration setting that makes pki-core vulnerable - directory-based authentication - is disabled by default and the damage is somewhat limited to the domain where the ids are recognized (for example, in one corporation's realm). RHEL 8.7 was never affected as the fix rebased in RHEL 8.7 GA.", "threat_severity": "Moderate"}