CVE-2022-4039: Rhsso-container-image: unsecured management interface exposed to adjecent network

First published: Wed Nov 16 2022(Updated: )

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.

Credit: secalert@redhat.com secalert@redhat.com

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/redhat-cve
• agent/author
• agent/type
• agent/first-publish-date
• agent/references
• agent/severity
• agent/weakness
• collector/redhat-bugzilla
• source/Red Hat
• alias/CVE-2022-4039
• agent/software-canonical-lookup
• agent/title
• agent/description
• agent/event
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• agent/trending
• collector/nvd-index
• agent/software-canonical-lookup-request
• collector/nvd-api
• agent/tags
• agent/softwarecombine
• agent/source
• package-manager/redhat
• vendor/redhat
• canonical/red hat single sign-on
• version/red hat single sign-on/7.0
• canonical/red hat openshift container platform
• version/red hat openshift container platform/4.9
• version/red hat openshift container platform/4.10
• canonical/redhat openshift container platform for linuxone
• version/redhat openshift container platform for linuxone/4.9
• version/redhat openshift container platform for linuxone/4.10
• canonical/red hat enterprise linux
• version/red hat enterprise linux/8.0