CVE-2022-38065
First published: Wed Dec 21 2022(Updated: )
A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git master 05194e7618 and prior. Overly permissive functionality within tools leveraging this library within a container can lead increased privileges.
Credit: talos-cna@cisco.com talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Openstack |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this privilege escalation vulnerability?
The vulnerability ID for this privilege escalation vulnerability is CVE-2022-38065.
What is the severity rating of CVE-2022-38065?
CVE-2022-38065 has a severity rating of 8.8, which is considered high.
What is the affected software for CVE-2022-38065?
The affected software for CVE-2022-38065 is Redhat Openstack.
What is the CWE ID for this vulnerability?
The CWE ID for this vulnerability is 269.
How can I fix the privilege escalation vulnerability CVE-2022-38065?
To fix the privilege escalation vulnerability CVE-2022-38065, it is recommended to update to a version of OpenStack that includes the fix for this issue.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/redhat
- canonical/redhat openstack