Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2022-0552

Published: 11/04/2022 Updated: 12/02/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Origin-aggregated-logging

Vulnerability Summary

A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. The vulnerable netty-codec-http maven package was not removed from the image content. This flaw affects origin-aggregated-logging versions 3.11.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

redhat origin-aggregated-logging 3.11

Vendor Advisories

Red Hat: Moderate: OpenShift Logging bug fix and security update (5.3.5)
Synopsis Moderate: OpenShift Logging bug fix and security update (535) Type/Severity Security Advisory: Moderate Topic OpenShift Logging bug fix and security update (535)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed se ...
Red Hat: Moderate: OpenShift Logging bug fix and security update (5.2.8)
Synopsis Moderate: OpenShift Logging bug fix and security update (528) Type/Severity Security Advisory: Moderate Topic OpenShift Logging bug fix and security update (528)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed se ...
Red Hat: Moderate: OpenShift Logging bug fix and security update (5.1.9)
Synopsis Moderate: OpenShift Logging bug fix and security update (519) Type/Severity Security Advisory: Moderate Topic OpenShift Logging bug fix and security update (519)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed se ...
Red Hat:
A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete The vulnerable netty-codec-http maven package was not removed from the image content ...

References

CWE-444https://github.com/openshift/origin-aggregated-logging/commit/d6b72d6c32e7c06b65324294d10406546734004dhttps://bugzilla.redhat.com/show_bug.cgi?id=2052539https://access.redhat.com/security/cve/CVE-2021-21409https://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2022:0721https://access.redhat.com/security/cve/cve-2022-0552
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322CVE-2006-4304wirelessCVE-2023-23022local file inclusionCVE-2024-27058CVE-2024-33820open redirectCVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook