An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete protected data, causing a denial of service by consuming protected resources.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2022-09-06T17:18:52
Updated: 2024-08-03T03:43:46.011Z
Reserved: 2022-01-19T00:00:00
Link: CVE-2022-23451
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-09-06T18:15:10.640
Modified: 2024-11-21T06:48:34.943
Link: CVE-2022-23451
Redhat