An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete protected data, causing a denial of service by consuming protected resources.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2022-09-06T17:18:52

Updated: 2024-08-03T03:43:46.011Z

Reserved: 2022-01-19T00:00:00

Link: CVE-2022-23451

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-09-06T18:15:10.640

Modified: 2024-11-21T06:48:34.943

Link: CVE-2022-23451

cve-icon Redhat

Severity : Moderate

Publid Date: 2021-12-13T00:00:00Z

Links: CVE-2022-23451 - Bugzilla