CVE-2022-22576 vulnerability in Canonical and Other Products
Published on May 26, 2022

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only).

Vendor Advisory Vendor Advisory NVD

Vulnerability Analysis

CVE-2022-22576 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. Public availability of a proof of concept (POC) exploit exists for CVE-2022-22576. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

NONE

Weakness Type

What is an authentification Vulnerability?

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

CVE-2022-22576 has been classified to as an authentification vulnerability or weakness.

Products Associated with CVE-2022-22576

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2022-22576 are published in these products:

Canonical Ubuntu Linux

Haxx Curl

Debian Linux

NetApp Element Software

NetApp Clustered Data Ontap

NetApp Solidfire

NetApp Hci Management Node

NetApp Solidfire Hci Management Node

NetApp Solidfire Hci Storage Node

Brocade Fabric Operating System

Splunk Universal Forwarder

Exploit Probability

EPSS

0.34%

Percentile

56.61%