CVE-2022-2068: Command Injection
First published: Wed Jun 15 2022(Updated: )
OpenSSL could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input by the c_rehash script. By sending a specially-crafted request using shell metacharacters, an attacker could exploit this vulnerability to execute arbitrary commands with the privileges of the script on the system.
Credit: openssl-security@openssl.org openssl-security@openssl.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/jbcs-httpd24-openssl | <1:1.1.1k-13.el8 | 1:1.1.1k-13.el8 |
| redhat/jbcs-httpd24-openssl | <1:1.1.1k-13.el7 | 1:1.1.1k-13.el7 |
| redhat/openssl | <1:1.1.1k-7.el8_6 | 1:1.1.1k-7.el8_6 |
| redhat/openssl | <1:3.0.1-41.el9_0 | 1:3.0.1-41.el9_0 |
| redhat/jws5-tomcat-native | <0:1.2.31-11.redhat_11.el7 | 0:1.2.31-11.redhat_11.el7 |
| redhat/jws5-tomcat-native | <0:1.2.31-11.redhat_11.el8 | 0:1.2.31-11.redhat_11.el8 |
| redhat/jws5-tomcat-native | <0:1.2.31-11.redhat_11.el9 | 0:1.2.31-11.redhat_11.el9 |
| IBM Security Verify Access Docker | <=10.0.0.0 - 10.0.6.1 | |
| IBM Security Verify Access Appliance | <=10.0.0.0 - 10.0.6.1 | |
| redhat/openssl | <1.0.2 | 1.0.2 |
| redhat/openssl | <1.1.1 | 1.1.1 |
| redhat/openssl | <3.0.4 | 3.0.4 |
| ubuntu/nodejs | <12.22.9~dfsg-1ubuntu3.1 | 12.22.9~dfsg-1ubuntu3.1 |
| ubuntu/openssl | <1.1.1-1ubuntu2.1~18.04.19 | 1.1.1-1ubuntu2.1~18.04.19 |
| ubuntu/openssl | <1.1.1 | 1.1.1 |
| ubuntu/openssl | <1.1.1 | 1.1.1 |
| ubuntu/openssl | <3.0.2-0ubuntu1.5 | 3.0.2-0ubuntu1.5 |
| ubuntu/openssl | <1.1.1<3.0.4 | 1.1.1 3.0.4 |
| ubuntu/openssl | <1.0.2 | 1.0.2 |
| ubuntu/openssl1.0 | <1.0.2 | 1.0.2 |
| debian/openssl | 1.1.1n-0+deb10u3 1.1.1n-0+deb10u6 1.1.1w-0+deb11u1 1.1.1n-0+deb11u5 3.0.11-1~deb12u2 3.2.1-3 | |
| OpenSSL OpenSSL | >=1.0.2<1.0.2zf | |
| OpenSSL OpenSSL | >=1.1.1<1.1.1p | |
| OpenSSL OpenSSL | >=3.0.0<3.0.4 | |
| Debian Debian Linux | =10.0 | |
| Debian Debian Linux | =11.0 | |
| Fedoraproject Fedora | =35 | |
| Fedoraproject Fedora | =36 | |
| Siemens Sinec Ins | <1.0 | |
| Siemens Sinec Ins | =1.0 | |
| Siemens Sinec Ins | =1.0-sp1 | |
| Siemens Sinec Ins | =1.0-sp2 | |
| Netapp Element Software | ||
| Netapp Hci Management Node | ||
| Netapp Ontap Antivirus Connector | ||
| NetApp ONTAP Select Deploy administration utility | ||
| Netapp Santricity Smi-s Provider | ||
| Netapp Smi-s Provider | ||
| Netapp Snapmanager Hyper-v | ||
| Netapp Solidfire | ||
| All of | ||
| Netapp Bootstrap Os | ||
| Netapp Hci Compute Node | ||
| All of | ||
| Netapp H615c Firmware | ||
| Netapp H615c | ||
| All of | ||
| Netapp H610s Firmware | ||
| Netapp H610s | ||
| All of | ||
| Netapp H610c Firmware | ||
| Netapp H610c | ||
| All of | ||
| Netapp H410c Firmware | ||
| Netapp H410c | ||
| All of | ||
| Netapp H300s Firmware | ||
| Netapp H300s | ||
| All of | ||
| Netapp H500s Firmware | ||
| Netapp H500s | ||
| All of | ||
| Netapp H700s Firmware | ||
| Netapp H700s | ||
| All of | ||
| Netapp H410s Firmware | ||
| Netapp H410s | ||
| All of | ||
| Netapp Fas 8300 Firmware | ||
| Netapp Fas 8300 | ||
| All of | ||
| Netapp Fas 8700 Firmware | ||
| Netapp Fas 8700 | ||
| All of | ||
| Netapp Fas A400 Firmware | ||
| Netapp Fas A400 | ||
| All of | ||
| Netapp Aff 8300 Firmware | ||
| Netapp Aff 8300 | ||
| All of | ||
| Netapp Aff 8700 Firmware | ||
| Netapp Aff 8700 | ||
| All of | ||
| Netapp Aff A400 Firmware | ||
| Netapp Aff A400 | ||
| Broadcom Sannav | ||
| Netapp Bootstrap Os | ||
| Netapp Hci Compute Node | ||
| Netapp H615c Firmware | ||
| Netapp H615c | ||
| Netapp H610s Firmware | ||
| Netapp H610s | ||
| Netapp H610c Firmware | ||
| Netapp H610c | ||
| Netapp H410c Firmware | ||
| Netapp H410c | ||
| Netapp H300s Firmware | ||
| Netapp H300s | ||
| Netapp H500s Firmware | ||
| Netapp H500s | ||
| Netapp H700s Firmware | ||
| Netapp H700s | ||
| Netapp H410s Firmware | ||
| Netapp H410s | ||
| Netapp Fas 8300 Firmware | ||
| Netapp Fas 8300 | ||
| Netapp Fas 8700 Firmware | ||
| Netapp Fas 8700 | ||
| Netapp Fas A400 Firmware | ||
| Netapp Fas A400 | ||
| Netapp Aff 8300 Firmware | ||
| Netapp Aff 8300 | ||
| Netapp Aff 8700 Firmware | ||
| Netapp Aff 8700 | ||
| Netapp Aff A400 Firmware | ||
| Netapp Aff A400 |
Remedy
As mentioned in the upstream security advisory, use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command-line tool.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2022-2068 https://nvd.nist.gov/vuln/detail/CVE-2022-2068 https://www.openssl.org/news/secadv/20220621.txt
- https://bugzilla.redhat.com/show_bug.cgi?id=2097310
- https://access.redhat.com/errata/RHSA-2022:8840
- https://access.redhat.com/errata/RHSA-2022:5818
- https://access.redhat.com/errata/RHSA-2022:6224
- https://access.redhat.com/errata/RHSA-2022:8841
- https://access.redhat.com/errata/RHSA-2022:8913
- https://access.redhat.com/errata/RHSA-2022:8917
- https://access.redhat.com/security/cve/cve-2022-2068
- https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9
- https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/
- https://security.netapp.com/advisory/ntap-20220707-0008/
- https://www.debian.org/security/2022/dsa-5169
- https://www.openssl.org/news/secadv/20220621.txt
- https://launchpad.net/bugs/cve/CVE-2022-2068
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9
- https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/226018
- https://www.ibm.com/support/pages/node/7106586 (Advisory)
- https://access.redhat.com/security/cve/CVE-2022-1292
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2099974
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2099971
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2099972
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2099975
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2099969
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2099970
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2099973
- https://github.com/openssl/openssl/commit/2c9c35870601b4a44d86ddbf512b38df38285cfa
- https://github.com/openssl/openssl/commit/9639817dac8bbbaa64d09efad7464ccc405527c7
- https://github.com/openssl/openssl/commit/7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9
- https://github.com/openssl/openssl/commit/8a3579a7b7067a983e69a4eda839ac408c120739
- https://access.redhat.com/errata/RHSA-2023:5931
- https://access.redhat.com/errata/RHSA-2023:5979
- https://access.redhat.com/errata/RHSA-2023:5980
- https://access.redhat.com/errata/RHSA-2023:5982
- https://access.redhat.com/errata/RHSA-2023:6818
- https://security-tracker.debian.org/tracker/CVE-2022-2068
- https://ubuntu.com/security/notices/USN-5488-1
- https://ubuntu.com/security/notices/USN-5488-2
- https://ubuntu.com/security/notices/USN-6457-1
- https://www.cve.org/CVERecord?id=CVE-2022-2068
- https://nvd.nist.gov/vuln/detail/CVE-2022-2068
- https://ubuntu.com/security/CVE-2022-2068
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-2068.
What is the severity of CVE-2022-2068?
The severity of CVE-2022-2068 is critical with a severity value of 9.8.
What is the affected software?
The affected software includes OpenSSL versions 1.0.2 to 1.0.2zf, 1.1.1 to 1.1.1p, and 3.0.0 to 3.0.4, as well as certain packages from Red Hat, Debian, and other sources.
How can a remote attacker exploit CVE-2022-2068?
A remote attacker can exploit CVE-2022-2068 by injecting arbitrary commands into the c_rehash script, leading to command injection and potential execution of arbitrary commands on the system.
Are there any remediation steps available?
Yes, there are remediation steps available. Please refer to the provided references for detailed instructions and patches.
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- agent/severity
- agent/remedy
- agent/description
- agent/weakness
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2022-2068
- agent/last-modified-date
- collector/usn-cve
- source/Ubuntu
- agent/references
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- agent/tags
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-index
- package-manager/redhat
- vendor/ibm
- canonical/ibm security verify access docker
- version/ibm security verify access docker/10.0.0.0 - 10.0.6.1
- canonical/ibm security verify access appliance
- version/ibm security verify access appliance/10.0.0.0 - 10.0.6.1
- package-manager/ubuntu
- package-manager/debian
- vendor/openssl
- canonical/openssl openssl
- version/openssl openssl/1.0.2
- version/openssl openssl/1.1.1
- version/openssl openssl/3.0.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0
- version/debian debian linux/11.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/35
- version/fedoraproject fedora/36
- vendor/siemens
- canonical/siemens sinec ins
- version/siemens sinec ins/1.0
- version/siemens sinec ins/1.0-sp1
- version/siemens sinec ins/1.0-sp2
- vendor/netapp
- canonical/netapp element software
- canonical/netapp hci management node
- canonical/netapp ontap antivirus connector
- canonical/netapp ontap select deploy administration utility
- canonical/netapp santricity smi-s provider
- canonical/netapp smi-s provider
- canonical/netapp snapmanager hyper-v
- canonical/netapp solidfire
- canonical/netapp bootstrap os
- canonical/netapp hci compute node
- canonical/netapp h615c firmware
- canonical/netapp h615c
- canonical/netapp h610s firmware
- canonical/netapp h610s
- canonical/netapp h610c firmware
- canonical/netapp h610c
- canonical/netapp h410c firmware
- canonical/netapp h410c
- canonical/netapp h300s firmware
- canonical/netapp h300s
- canonical/netapp h500s firmware
- canonical/netapp h500s
- canonical/netapp h700s firmware
- canonical/netapp h700s
- canonical/netapp h410s firmware
- canonical/netapp h410s
- canonical/netapp fas 8300 firmware
- canonical/netapp fas 8300
- canonical/netapp fas 8700 firmware
- canonical/netapp fas 8700
- canonical/netapp fas a400 firmware
- canonical/netapp fas a400
- canonical/netapp aff 8300 firmware
- canonical/netapp aff 8300
- canonical/netapp aff 8700 firmware
- canonical/netapp aff 8700
- canonical/netapp aff a400 firmware
- canonical/netapp aff a400
- vendor/broadcom
- canonical/broadcom sannav