RHSSO OpenShift Images: Unsecured Mgt Interface Enables RCE
CVE-2022-4039 Published on September 22, 2023

Rhsso-container-image: unsecured management interface exposed to adjecent network
A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.

Vendor Advisory NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Timeline

2022-11-15

Reported to Red Hat.

2023-02-28

Made public. 105 days later.

Weakness Type

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

Products Associated with CVE-2022-4039

Want to know whenever a new CVE is published for Red Hat Single Sign On? stack.watch will email you.

Red Hat Single Sign On

Affected Versions

Red Hat RHEL-8 based Middleware Containers:

Version 7.6-20 and below * is unaffected.

Red Hat Single Sign-On 7:

Exploit Probability

EPSS

0.12%

Percentile

31.06%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

RHSSO OpenShift Images: Unsecured Mgt Interface Enables RCECVE-2022-4039 Published on September 22, 2023

Vulnerability Analysis

Timeline

Weakness Type

Incorrect Default Permissions

Products Associated with CVE-2022-4039

Affected Versions

Exploit Probability

RHSSO OpenShift Images: Unsecured Mgt Interface Enables RCE
CVE-2022-4039 Published on September 22, 2023