PT-2022-17351 · Booth+7 · Booth+7

Jan Friesse

Published

2022-07-01

Updated

2024-06-15

CVE-2022-2553

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions booth (affected versions not specified)

Description The issue concerns the authfile directive in the booth config file being ignored. This prevents the use of authentication in communications between nodes, allowing nodes without the correct authentication key to communicate with other nodes in the cluster.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

ALSA-2022:6439

ALSA-2022:6580

AZL-25645

AZL-36933

CESA-2022_6439

CVE-2022-2553

DSA-5194-1

OPENSUSE-SU-2022_2608-1

OPENSUSE-SU-2022_2609-1

OPENSUSE-SU-2024:12315-1

RHSA-2022:6250

RHSA-2022:6439

RHSA-2022:6580

RHSA-2022_6439

RHSA-2022_6580

RLSA-2022:6439

SUSE-SU-2022:2605-1

SUSE-SU-2022:2606-1

SUSE-SU-2022:2607-1

SUSE-SU-2022:2608-1

SUSE-SU-2022:2609-1

SUSE-SU-2022_2606-1

SUSE-SU-2022_2607-1

SUSE-SU-2022_2608-1

SUSE-SU-2022_2609-1

USN-5556-1

Affected Products

Almalinux

Centos

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

Booth

PT-2022-17351 · Booth+7 · Booth+7

CVE-2022-2553

Weakness Enumeration

Related Identifiers

Affected Products

References · 43