{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T06:28:51.609","vulnerabilities":[{"cve":{"id":"CVE-2022-23451","sourceIdentifier":"secalert@redhat.com","published":"2022-09-06T18:15:10.640","lastModified":"2026-06-17T04:30:08.933","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An authorization flaw was found in openstack-barbican. The default policy rules for the secret metadata API allowed any authenticated user to add, modify, or delete metadata from any secret regardless of ownership. This flaw allows an attacker on the network to modify or delete protected data, causing a denial of service by consuming protected resources."},{"lang":"es","value":"Se ha encontrado un fallo de autorización en openstack-barbican. Las reglas de política por defecto para la API de metadatos secretos permitían a cualquier usuario autenticado añadir, modificar o eliminar metadatos de cualquier secreto independientemente de su propiedad. Este fallo permite a un atacante en la red modificar o eliminar datos protegidos, causando una denegación de servicio al consumir recursos protegidos.\n"}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"n/a","product":"openstack/barbican","versions":[{"version":"Fixed in v14.0.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openstack:barbican:*:*:*:*:*:*:*:*","versionEndExcluding":"14.0.0","matchCriteriaId":"F0E48953-548A-4FDC-944E-A86EA5908E9A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:*","matchCriteriaId":"C52600BF-9E87-4CD2-91F3-685AFE478C1E"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*","matchCriteriaId":"DCC81071-B46D-4F5D-AC25-B4A4CCC20C73"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*","matchCriteriaId":"4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2022-23451","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2022878","source":"secalert@redhat.com","tags":["Issue Tracking","Permissions Required"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2025089","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://review.opendev.org/c/openstack/barbican/+/811236","source":"secalert@redhat.com","tags":["Patch","Third Party Advisory"]},{"url":"https://storyboard.openstack.org/#%21/story/2009253","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2022-23451","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2022878","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Permissions Required"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2025089","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://review.opendev.org/c/openstack/barbican/+/811236","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://storyboard.openstack.org/#%21/story/2009253","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}