CVE-2022-23451

EPSS 0.34% · P57 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-23451

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete protected data, causing a denial of service by consuming protected resources.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

授权机制不正确

Source: NVD (National Vulnerability Database)

Vulnerability Title

barbican 授权问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

barbican是 OpenStack 密钥管理服务，API 服务器。 barbican存在授权问题漏洞，该漏洞允许远程用户在应用程序中执行未经授权的操作。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	openstack/barbican	Fixed in v14.0.0	-

II. Public POCs for CVE-2022-23451

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-23451

请登录查看更多情报信息。

https://review.opendev.org/c/openstack/barbican/+/811236x_refsource_MISC
https://access.redhat.com/security/cve/CVE-2022-23451x_refsource_MISC
https://storyboard.openstack.org/#%21/story/2009253x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=2022878x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=2025089x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2022-23451

Same Patch Batch · n/a · 2022-09-06 · 49 CVEs total

CVE-2022-31790		WatchGuard Firebox 安全漏洞
CVE-2020-21516		FeehiCMS 代码问题漏洞
CVE-2022-31792		WatchGuard Firebox 跨站脚本漏洞
CVE-2022-38176		YSoft SAFEQ 6 安全漏洞
CVE-2022-36663		Gluu 代码问题漏洞
CVE-2022-35913		Samourai Wallet Stonewallx2 资源管理错误漏洞
CVE-2022-38528		Open Asset Import Library 缓冲区错误漏洞
CVE-2022-38529		tinyexr 缓冲区错误漏洞
CVE-2022-37253		Crime Reporting System 跨站脚本漏洞
CVE-2022-36670		Symantec PCProtect Endpoint 安全漏洞
CVE-2022-37771		IObit Malware Fighter 安全漏洞
CVE-2022-31860		OpenRemote 安全漏洞
CVE-2022-32264		FreeBSD 资源管理错误漏洞
CVE-2022-27664		Google Golang 安全漏洞
CVE-2022-23691		Aruba AOS-CX 授权问题漏洞
CVE-2022-23690		Aruba AOS-CX 安全漏洞
CVE-2022-23689		Aruba AOS-CX 资源管理错误漏洞
CVE-2022-23688		Aruba AOS-CX 资源管理错误漏洞
CVE-2022-23687		Aruba AOS-CX 资源管理错误漏洞
CVE-2022-23686		Aruba AOS-CX 资源管理错误漏洞

Showing top 20 of 49 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: openstack/barbican

CVE-2022-23452
barbican 授权问题漏洞

Same vendor: n/a

Same weakness: CWE-863

V. Comments for CVE-2022-23451

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-23451

I. Basic Information for CVE-2022-23451

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-23451

III. Intelligence Information for CVE-2022-23451

Same Patch Batch · n/a · 2022-09-06 · 49 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-23451

Leave a comment