Rapid7 Vulnerability & Exploit Database

CentOS Linux: CVE-2022-24302: Moderate: RHV Engine and Host Common Packages security update (CESA-2022:4712)

Free InsightVM Trial No Credit Card Necessary
Watch Demo See how it all works
Back to Search

CentOS Linux: CVE-2022-24302: Moderate: RHV Engine and Host Common Packages security update (CESA-2022:4712)

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
03/17/2022
Created
05/28/2022
Added
05/27/2022
Modified
05/25/2023

Description

In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.

Solution(s)

  • centos-upgrade-ansible-collection-ansible-netcommon
  • centos-upgrade-ansible-collection-ansible-posix
  • centos-upgrade-ansible-collection-ansible-utils
  • centos-upgrade-ovirt-ansible-collection
  • centos-upgrade-ovirt-imageio-client
  • centos-upgrade-ovirt-imageio-common
  • centos-upgrade-ovirt-imageio-common-debuginfo
  • centos-upgrade-ovirt-imageio-debuginfo
  • centos-upgrade-ovirt-imageio-debugsource
  • centos-upgrade-python-ovirt-engine-sdk4-debuginfo
  • centos-upgrade-python-ovirt-engine-sdk4-debugsource
  • centos-upgrade-python-pycurl-debuginfo
  • centos-upgrade-python-pycurl-debugsource
  • centos-upgrade-python3-jmespath
  • centos-upgrade-python3-netaddr
  • centos-upgrade-python3-ovirt-engine-sdk4
  • centos-upgrade-python3-ovirt-engine-sdk4-debuginfo
  • centos-upgrade-python3-passlib
  • centos-upgrade-python3-pycurl
  • centos-upgrade-python3-pycurl-debuginfo
  • centos-upgrade-python38-jmespath
  • centos-upgrade-python38-netaddr
  • centos-upgrade-python38-ovirt-engine-sdk4
  • centos-upgrade-python38-ovirt-engine-sdk4-debuginfo
  • centos-upgrade-python38-ovirt-imageio-client
  • centos-upgrade-python38-ovirt-imageio-common
  • centos-upgrade-python38-ovirt-imageio-common-debuginfo
  • centos-upgrade-python38-passlib
  • centos-upgrade-python38-pycurl
  • centos-upgrade-python38-pycurl-debuginfo

References

  • CVE-2022-24302

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;