Unrated severityNVD Advisory· Published Jul 28, 2022· Updated Aug 3, 2024
CVE-2022-2553
CVE-2022-2553
Description
The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
16- booth/boothdescription
- osv-coords15 versionspkg:rpm/almalinux/boothpkg:rpm/almalinux/booth-arbitratorpkg:rpm/almalinux/booth-corepkg:rpm/almalinux/booth-sitepkg:rpm/almalinux/booth-testpkg:rpm/opensuse/booth&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/booth&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/booth&distro=openSUSE%20Tumbleweedpkg:rpm/suse/booth&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015pkg:rpm/suse/booth&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP1pkg:rpm/suse/booth&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP2pkg:rpm/suse/booth&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP3pkg:rpm/suse/booth&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP4pkg:rpm/suse/booth&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20GEO%20Extension%2012%20SP4pkg:rpm/suse/booth&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20GEO%20Extension%2012%20SP5
< 1.0-199.1.ac1d34c.git.el8_6.1+ 14 more
- (no CPE)range: < 1.0-199.1.ac1d34c.git.el8_6.1
- (no CPE)range: < 1.0-199.1.ac1d34c.git.el8_6.1
- (no CPE)range: < 1.0-199.1.ac1d34c.git.el8_6.1
- (no CPE)range: < 1.0-199.1.ac1d34c.git.el8_6.1
- (no CPE)range: < 1.0-199.1.ac1d34c.git.el8_6.1
- (no CPE)range: < 1.0-150300.18.3.1
- (no CPE)range: < 1.0+20210519.bfb2f92-150400.3.3.1
- (no CPE)range: < 1.0+20220724.dce51f9-1.1
- (no CPE)range: < 1.0-150000.6.3.1
- (no CPE)range: < 1.0-150100.11.3.1
- (no CPE)range: < 1.0-150100.11.3.1
- (no CPE)range: < 1.0-150300.18.3.1
- (no CPE)range: < 1.0+20210519.bfb2f92-150400.3.3.1
- (no CPE)range: < 1.0-42.3.1
- (no CPE)range: < 1.0-42.3.1
Patches
Vulnerability mechanics
References
4- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J4T4TTXAABVUCMPUL7XQ2PH5EYYOOQZY/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHDOFX7NQFH3UGZZA3SGW5SVMDDHIUVD/mitrevendor-advisory
- www.debian.org/security/2022/dsa-5194mitrevendor-advisory
- github.com/ClusterLabs/booth/commit/35bf0b7b048d715f671eb68974fb6b4af6528c67mitre
News mentions
0No linked articles in our index yet.