UBUNTU-CVE-2022-2393

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2022-2393
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-2393.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2022-2393
Related
Published
2022-07-14T15:15:00Z
Modified
2024-10-15T14:09:47Z
Severity
  • 5.7 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

A flaw was found in pki-core, which could allow a user to get a certificate for another user identity when directory-based authentication is enabled. This flaw allows an authenticated attacker on the adjacent network to impersonate another user within the scope of the domain, but they would not be able to decrypt message content.

References

Affected packages

Ubuntu:Pro:16.04:LTS / dogtag-pki

Package

Name
dogtag-pki
Purl
pkg:deb/ubuntu/dogtag-pki?arch=src?distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

10.*

10.2.6-1
10.2.6-2
10.2.6-3
10.2.6+git20160317-1

Ecosystem specific 

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / dogtag-pki

Package

Name
dogtag-pki
Purl
pkg:deb/ubuntu/dogtag-pki?arch=src?distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

10.*

10.3.5+12-4ubuntu1
10.3.5+12-5
10.5.3-3
10.5.3-4
10.5.5-1
10.6.0~beta2-3
10.6.0-1ubuntu1
10.6.0-1ubuntu2

Ecosystem specific 

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / dogtag-pki

Package

Name
dogtag-pki
Purl
pkg:deb/ubuntu/dogtag-pki?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

10.*

10.7.3-4
10.8.3-1ubuntu1

Ecosystem specific 

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / dogtag-pki

Package

Name
dogtag-pki
Purl
pkg:deb/ubuntu/dogtag-pki?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

10.*

10.10.2-3build1

11.*

11.0.0-1

Ecosystem specific 

{
    "ubuntu_priority": "medium"
}