Search
Find a vulnerability
Search criteria
4 vulnerabilities found for booth by clusterlabs
CVE-2024-3049 (GCVE-0-2024-3049)
Vulnerability from nvd – Published: 2024-06-06 05:30 – Updated: 2026-03-17 21:04
VLAI
Title
Booth: specially crafted hash can lead to invalid hmac being accepted by booth server
Summary
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
13 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:3657 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:3658 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:3659 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:3660 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:3661 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:4400 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:4411 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2024-3049 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2272082 | issue-trackingx_refsource_REDHAT |
| https://github.com/ClusterLabs/booth/pull/142 | |
| https://lists.fedoraproject.org/archives/list/pac… | x_transferred |
| https://lists.fedoraproject.org/archives/list/pac… | x_transferred |
| https://lists.debian.org/debian-lts-announce/2024… |
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
1.0-283.1
|
|||
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
0:1.1-1.el8_10.1 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8::highavailability cpe:/a:redhat:enterprise_linux:8::resilientstorage |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support |
Unaffected:
0:1.0-199.1.ac1d34c.git.el8_4.2 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:8.4::highavailability cpe:/a:redhat:rhel_tus:8.4::highavailability cpe:/a:redhat:rhel_aus:8.4::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Telecommunications Update Service |
Unaffected:
0:1.0-199.1.ac1d34c.git.el8_4.2 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:8.4::highavailability cpe:/a:redhat:rhel_tus:8.4::highavailability cpe:/a:redhat:rhel_aus:8.4::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions |
Unaffected:
0:1.0-199.1.ac1d34c.git.el8_4.2 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:8.4::highavailability cpe:/a:redhat:rhel_tus:8.4::highavailability cpe:/a:redhat:rhel_aus:8.4::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service |
Unaffected:
0:1.0-199.1.ac1d34c.git.el8_6.2 , < *
(rpm)
cpe:/a:redhat:rhel_tus:8.6::highavailability cpe:/a:redhat:rhel_e4s:8.6::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions |
Unaffected:
0:1.0-199.1.ac1d34c.git.el8_6.2 , < *
(rpm)
cpe:/a:redhat:rhel_tus:8.6::highavailability cpe:/a:redhat:rhel_e4s:8.6::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support |
Unaffected:
0:1.0-283.1.9d4029a.git.el8_8.1 , < *
(rpm)
cpe:/a:redhat:rhel_eus:8.8::resilientstorage cpe:/a:redhat:rhel_eus:8.8::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:1.1-1.el9_4.1 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9::resilientstorage cpe:/a:redhat:enterprise_linux:9::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions |
Unaffected:
0:1.0-251.3.bfb2f92.git.el9_0.2 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:9.0::resilientstorage cpe:/a:redhat:rhel_e4s:9.0::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support |
Unaffected:
0:1.0-283.1.9d4029a.git.el9_2.1 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.2::resilientstorage cpe:/a:redhat:rhel_eus:9.2::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
Date Public
2024-05-27 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3049",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T20:24:04.305850Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T20:24:16.483Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-24T18:03:12.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2024:3657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3657"
},
{
"name": "RHSA-2024:3658",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3658"
},
{
"name": "RHSA-2024:3659",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3659"
},
{
"name": "RHSA-2024:3660",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3660"
},
{
"name": "RHSA-2024:3661",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3661"
},
{
"name": "RHSA-2024:4400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4400"
},
{
"name": "RHSA-2024:4411",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4411"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-3049"
},
{
"name": "RHBZ#2272082",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272082"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERCFM3HXFJKLEMMWU3CZLPKH5LZAEDAN/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KPK5BHYOB7CFFRQAN55YV5LH44PWHMQD/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00037.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/ClusterLabs/booth",
"defaultStatus": "unaffected",
"packageName": "booth",
"versions": [
{
"status": "affected",
"version": "1.0-283.1"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::highavailability",
"cpe:/a:redhat:enterprise_linux:8::resilientstorage"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1-1.el8_10.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.4::highavailability",
"cpe:/a:redhat:rhel_tus:8.4::highavailability",
"cpe:/a:redhat:rhel_aus:8.4::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-199.1.ac1d34c.git.el8_4.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.4::highavailability",
"cpe:/a:redhat:rhel_tus:8.4::highavailability",
"cpe:/a:redhat:rhel_aus:8.4::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-199.1.ac1d34c.git.el8_4.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.4::highavailability",
"cpe:/a:redhat:rhel_tus:8.4::highavailability",
"cpe:/a:redhat:rhel_aus:8.4::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-199.1.ac1d34c.git.el8_4.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_tus:8.6::highavailability",
"cpe:/a:redhat:rhel_e4s:8.6::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-199.1.ac1d34c.git.el8_6.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_tus:8.6::highavailability",
"cpe:/a:redhat:rhel_e4s:8.6::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-199.1.ac1d34c.git.el8_6.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:8.8::resilientstorage",
"cpe:/a:redhat:rhel_eus:8.8::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-283.1.9d4029a.git.el8_8.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::resilientstorage",
"cpe:/a:redhat:enterprise_linux:9::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1-1.el9_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::resilientstorage",
"cpe:/a:redhat:rhel_e4s:9.0::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-251.3.bfb2f92.git.el9_0.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.2::resilientstorage",
"cpe:/a:redhat:rhel_eus:9.2::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-283.1.9d4029a.git.el9_2.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unknown",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
}
],
"datePublic": "2024-05-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-17T21:04:05.024Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:3657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3657"
},
{
"name": "RHSA-2024:3658",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3658"
},
{
"name": "RHSA-2024:3659",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3659"
},
{
"name": "RHSA-2024:3660",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3660"
},
{
"name": "RHSA-2024:3661",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3661"
},
{
"name": "RHSA-2024:4400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4400"
},
{
"name": "RHSA-2024:4411",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4411"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-3049"
},
{
"name": "RHBZ#2272082",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272082"
},
{
"url": "https://github.com/ClusterLabs/booth/pull/142"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-03-28T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-05-27T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Booth: specially crafted hash can lead to invalid hmac being accepted by booth server",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-345: Insufficient Verification of Data Authenticity"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-3049",
"datePublished": "2024-06-06T05:30:04.137Z",
"dateReserved": "2024-03-28T17:17:50.507Z",
"dateUpdated": "2026-03-17T21:04:05.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-2553 (GCVE-0-2022-2553)
Vulnerability from nvd – Published: 2022-07-28 00:00 – Updated: 2024-08-03 00:39
VLAI
Summary
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster.
Severity
No CVSS data available.
CWE
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/ClusterLabs/booth/commit/35bf0… | |
| https://www.debian.org/security/2022/dsa-5194 | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:39:08.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ClusterLabs/booth/commit/35bf0b7b048d715f671eb68974fb6b4af6528c67"
},
{
"name": "DSA-5194",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5194"
},
{
"name": "FEDORA-2022-e0a87993b8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4T4TTXAABVUCMPUL7XQ2PH5EYYOOQZY/"
},
{
"name": "FEDORA-2022-6744980220",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHDOFX7NQFH3UGZZA3SGW5SVMDDHIUVD/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Booth",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Booth versions after v1.0-85-gda79b8b are vulnerable. Resolved in booth v1.0-263-g35bf0b7."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://github.com/ClusterLabs/booth/commit/35bf0b7b048d715f671eb68974fb6b4af6528c67"
},
{
"name": "DSA-5194",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5194"
},
{
"name": "FEDORA-2022-e0a87993b8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4T4TTXAABVUCMPUL7XQ2PH5EYYOOQZY/"
},
{
"name": "FEDORA-2022-6744980220",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHDOFX7NQFH3UGZZA3SGW5SVMDDHIUVD/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-2553",
"datePublished": "2022-07-28T00:00:00.000Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:39:08.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-3049 (GCVE-0-2024-3049)
Vulnerability from cvelistv5 – Published: 2024-06-06 05:30 – Updated: 2026-03-17 21:04
VLAI
Title
Booth: specially crafted hash can lead to invalid hmac being accepted by booth server
Summary
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-345 - Insufficient Verification of Data Authenticity
Assigner
References
13 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:3657 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:3658 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:3659 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:3660 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:3661 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:4400 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:4411 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2024-3049 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2272082 | issue-trackingx_refsource_REDHAT |
| https://github.com/ClusterLabs/booth/pull/142 | |
| https://lists.fedoraproject.org/archives/list/pac… | x_transferred |
| https://lists.fedoraproject.org/archives/list/pac… | x_transferred |
| https://lists.debian.org/debian-lts-announce/2024… |
Impacted products
13 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
1.0-283.1
|
|||
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
0:1.1-1.el8_10.1 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8::highavailability cpe:/a:redhat:enterprise_linux:8::resilientstorage |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support |
Unaffected:
0:1.0-199.1.ac1d34c.git.el8_4.2 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:8.4::highavailability cpe:/a:redhat:rhel_tus:8.4::highavailability cpe:/a:redhat:rhel_aus:8.4::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Telecommunications Update Service |
Unaffected:
0:1.0-199.1.ac1d34c.git.el8_4.2 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:8.4::highavailability cpe:/a:redhat:rhel_tus:8.4::highavailability cpe:/a:redhat:rhel_aus:8.4::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions |
Unaffected:
0:1.0-199.1.ac1d34c.git.el8_4.2 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:8.4::highavailability cpe:/a:redhat:rhel_tus:8.4::highavailability cpe:/a:redhat:rhel_aus:8.4::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service |
Unaffected:
0:1.0-199.1.ac1d34c.git.el8_6.2 , < *
(rpm)
cpe:/a:redhat:rhel_tus:8.6::highavailability cpe:/a:redhat:rhel_e4s:8.6::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions |
Unaffected:
0:1.0-199.1.ac1d34c.git.el8_6.2 , < *
(rpm)
cpe:/a:redhat:rhel_tus:8.6::highavailability cpe:/a:redhat:rhel_e4s:8.6::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 8.8 Extended Update Support |
Unaffected:
0:1.0-283.1.9d4029a.git.el8_8.1 , < *
(rpm)
cpe:/a:redhat:rhel_eus:8.8::resilientstorage cpe:/a:redhat:rhel_eus:8.8::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:1.1-1.el9_4.1 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9::resilientstorage cpe:/a:redhat:enterprise_linux:9::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions |
Unaffected:
0:1.0-251.3.bfb2f92.git.el9_0.2 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:9.0::resilientstorage cpe:/a:redhat:rhel_e4s:9.0::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support |
Unaffected:
0:1.0-283.1.9d4029a.git.el9_2.1 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.2::resilientstorage cpe:/a:redhat:rhel_eus:9.2::highavailability |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
Date Public
2024-05-27 00:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3049",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-13T20:24:04.305850Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-13T20:24:16.483Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-24T18:03:12.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2024:3657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3657"
},
{
"name": "RHSA-2024:3658",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3658"
},
{
"name": "RHSA-2024:3659",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3659"
},
{
"name": "RHSA-2024:3660",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3660"
},
{
"name": "RHSA-2024:3661",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3661"
},
{
"name": "RHSA-2024:4400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4400"
},
{
"name": "RHSA-2024:4411",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4411"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-3049"
},
{
"name": "RHBZ#2272082",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272082"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERCFM3HXFJKLEMMWU3CZLPKH5LZAEDAN/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KPK5BHYOB7CFFRQAN55YV5LH44PWHMQD/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00037.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/ClusterLabs/booth",
"defaultStatus": "unaffected",
"packageName": "booth",
"versions": [
{
"status": "affected",
"version": "1.0-283.1"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::highavailability",
"cpe:/a:redhat:enterprise_linux:8::resilientstorage"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1-1.el8_10.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.4::highavailability",
"cpe:/a:redhat:rhel_tus:8.4::highavailability",
"cpe:/a:redhat:rhel_aus:8.4::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-199.1.ac1d34c.git.el8_4.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.4::highavailability",
"cpe:/a:redhat:rhel_tus:8.4::highavailability",
"cpe:/a:redhat:rhel_aus:8.4::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-199.1.ac1d34c.git.el8_4.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.4::highavailability",
"cpe:/a:redhat:rhel_tus:8.4::highavailability",
"cpe:/a:redhat:rhel_aus:8.4::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-199.1.ac1d34c.git.el8_4.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_tus:8.6::highavailability",
"cpe:/a:redhat:rhel_e4s:8.6::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-199.1.ac1d34c.git.el8_6.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_tus:8.6::highavailability",
"cpe:/a:redhat:rhel_e4s:8.6::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-199.1.ac1d34c.git.el8_6.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:8.8::resilientstorage",
"cpe:/a:redhat:rhel_eus:8.8::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-283.1.9d4029a.git.el8_8.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::resilientstorage",
"cpe:/a:redhat:enterprise_linux:9::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.1-1.el9_4.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::resilientstorage",
"cpe:/a:redhat:rhel_e4s:9.0::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-251.3.bfb2f92.git.el9_0.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.2::resilientstorage",
"cpe:/a:redhat:rhel_eus:9.2::highavailability"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:1.0-283.1.9d4029a.git.el9_2.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "unknown",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"packageName": "booth",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
}
],
"datePublic": "2024-05-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-17T21:04:05.024Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:3657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3657"
},
{
"name": "RHSA-2024:3658",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3658"
},
{
"name": "RHSA-2024:3659",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3659"
},
{
"name": "RHSA-2024:3660",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3660"
},
{
"name": "RHSA-2024:3661",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:3661"
},
{
"name": "RHSA-2024:4400",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4400"
},
{
"name": "RHSA-2024:4411",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:4411"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-3049"
},
{
"name": "RHBZ#2272082",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272082"
},
{
"url": "https://github.com/ClusterLabs/booth/pull/142"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-03-28T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-05-27T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Booth: specially crafted hash can lead to invalid hmac being accepted by booth server",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-345: Insufficient Verification of Data Authenticity"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-3049",
"datePublished": "2024-06-06T05:30:04.137Z",
"dateReserved": "2024-03-28T17:17:50.507Z",
"dateUpdated": "2026-03-17T21:04:05.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-2553 (GCVE-0-2022-2553)
Vulnerability from cvelistv5 – Published: 2022-07-28 00:00 – Updated: 2024-08-03 00:39
VLAI
Summary
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster.
Severity
No CVSS data available.
CWE
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/ClusterLabs/booth/commit/35bf0… | |
| https://www.debian.org/security/2022/dsa-5194 | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:39:08.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/ClusterLabs/booth/commit/35bf0b7b048d715f671eb68974fb6b4af6528c67"
},
{
"name": "DSA-5194",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5194"
},
{
"name": "FEDORA-2022-e0a87993b8",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4T4TTXAABVUCMPUL7XQ2PH5EYYOOQZY/"
},
{
"name": "FEDORA-2022-6744980220",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHDOFX7NQFH3UGZZA3SGW5SVMDDHIUVD/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Booth",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Booth versions after v1.0-85-gda79b8b are vulnerable. Resolved in booth v1.0-263-g35bf0b7."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://github.com/ClusterLabs/booth/commit/35bf0b7b048d715f671eb68974fb6b4af6528c67"
},
{
"name": "DSA-5194",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5194"
},
{
"name": "FEDORA-2022-e0a87993b8",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4T4TTXAABVUCMPUL7XQ2PH5EYYOOQZY/"
},
{
"name": "FEDORA-2022-6744980220",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHDOFX7NQFH3UGZZA3SGW5SVMDDHIUVD/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-2553",
"datePublished": "2022-07-28T00:00:00.000Z",
"dateReserved": "2022-07-27T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:39:08.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}