CVE-2022-2553

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-2553
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-2553.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-2553
Related
Published
2022-07-28T15:15:07Z
Modified
2025-01-15T02:18:51.193585Z
Downstream
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster.

References

Affected packages

Debian:11 / booth

Package

Name
booth
Purl
pkg:deb/debian/booth?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0-237-gdd88847-2+deb11u1

Affected versions

1.*

1.0-237-gdd88847-2

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / booth

Package

Name
booth
Purl
pkg:deb/debian/booth?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0-268-gdce51f9-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / booth

Package

Name
booth
Purl
pkg:deb/debian/booth?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0-268-gdce51f9-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Git / github.com/clusterlabs/booth

Affected ranges

Type
GIT
Repo
https://github.com/clusterlabs/booth
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
35bf0b7b048d715f671eb68974fb6b4af6528c67
Fixed
35bf0b7b048d715f671eb68974fb6b4af6528c67

Affected versions

v0.*

v0.1.0
v0.1.2
v0.1.3
v0.1.4
v0.1.5
v0.1.6
v0.1.7
v0.2.0

v1.*

v1.0
v1.0rc1