Red Hat Enterprise Linux 9 update for pki-core

1) Improper Authentication

EUVDB-ID: #VU68719

Risk: Low

CVSSv3.1: 3.1 [CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-2393

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote user to bypass authentication process.

The vulnerability exists due to an error in in the certificate validation when directory-based authentication is enabled. A remote user on the local network can impersonate another user within the scope of the domain.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux for ARM 64: 9

Red Hat Enterprise Linux for Power, little endian: 9

Red Hat Enterprise Linux for IBM z Systems: 9

Red Hat Enterprise Linux for x86_64: 9

tomcatjss (Red Hat package): before 8.3.0-1.el9

pki-core (Red Hat package): before 11.3.0-1.el9

ldapjdk (Red Hat package): before 5.3.0-1.el9

jss (Red Hat package): before 5.3.0-1.el9

External links

http://access.redhat.com/errata/RHSA-2023:2293

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.