CVE-2022-23452

EPSS 0.44% · P63 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-23452

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An authorization flaw was found in openstack-barbican, where anyone with an admin role could add secrets to a different project container. This flaw allows an attacker on the network to consume protected resources and cause a denial of service.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

授权机制不正确

Source: NVD (National Vulnerability Database)

Vulnerability Title

barbican 授权问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

barbican是 OpenStack 密钥管理服务，API 服务器。 barbican存在授权问题漏洞，该漏洞是由于缺少授权检查而存在的。具有管理员角色的远程用户可以将机密添加到不同的项目容器。此漏洞允许网络上的攻击者消耗受保护的资源并导致拒绝服务。该漏洞允许远程用户在应用程序中执行未经授权的操作。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	openstack/barbican	Fixed in v14.0.0	-

II. Public POCs for CVE-2022-23452

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-23452

请登录查看更多情报信息。

https://review.opendev.org/c/openstack/barbican/+/814200x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=2025090x_refsource_MISC
https://storyboard.openstack.org/#%21/story/2009297x_refsource_MISC
https://access.redhat.com/security/cve/CVE-2022-23452x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=2022908x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2022-23452

Same Patch Batch · n/a · 2022-09-01 · 49 CVEs total

CVE-2022-1677		Red Hat OpenShift Container Platform 资源管理错误漏洞
CVE-2022-2256		Red Hat Keycloak 跨站脚本漏洞
CVE-2022-2308		Linux kernel 安全漏洞
CVE-2022-2447		OpenStack 安全漏洞
CVE-2022-2639		Linux kernel 数字错误漏洞
CVE-2022-2738		Red Hat Enterprise Linux 资源管理错误漏洞
CVE-2022-2739		Red Hat Enterprise Linux 信息泄露漏洞
CVE-2022-3078		Linux kernel 代码问题漏洞
CVE-2022-2403		Red Hat OpenShift Container Platform 信息泄露漏洞
CVE-2022-1902		Red Hat stackrox 安全漏洞
CVE-2022-2238		Red Hat search-api 资源管理错误漏洞
CVE-2022-36604		Canaan Avalon ASIC Miner 访问控制错误漏洞
CVE-2022-36603		InnoSilicon T3T+ 安全漏洞
CVE-2022-36602		InnoSilicon A10 安全漏洞
CVE-2022-36601		JASMINER X4 Server 安全漏洞
CVE-2020-27784		Linux kernel 资源管理错误漏洞
CVE-2020-35533		Libraw 缓冲区错误漏洞
CVE-2020-35534		Libraw 安全漏洞
CVE-2020-35535		Libraw 缓冲区错误漏洞
CVE-2020-35530		Libraw 缓冲区错误漏洞

Showing top 20 of 49 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: openstack/barbican

CVE-2022-23451
barbican 授权问题漏洞

Same vendor: n/a

Same weakness: CWE-863

V. Comments for CVE-2022-23452

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-23452

I. Basic Information for CVE-2022-23452

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-23452

III. Intelligence Information for CVE-2022-23452

Same Patch Batch · n/a · 2022-09-01 · 49 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-23452

Leave a comment