vulnerability
Red Hat OpenShift: CVE-2022-2996: python-scciclient: missing server certificate verification
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:N) | Sep 1, 2022 | Oct 16, 2023 | Apr 14, 2025 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:N)
Published
Sep 1, 2022
Added
Oct 16, 2023
Modified
Apr 14, 2025
Description
A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified. This issue opens up the connection to possible Man-in-the-middle (MITM) attacks.
Solution(s)
linuxrpm-upgrade-crudinilinuxrpm-upgrade-futurelinuxrpm-upgrade-openstack-ironiclinuxrpm-upgrade-openstack-ironic-inspectorlinuxrpm-upgrade-openstack-ironic-python-agentlinuxrpm-upgrade-openstack-macroslinuxrpm-upgrade-pyflakeslinuxrpm-upgrade-pyopenssllinuxrpm-upgrade-pysnmplinuxrpm-upgrade-python-alembiclinuxrpm-upgrade-python-amqplinuxrpm-upgrade-python-apipkglinuxrpm-upgrade-python-atomicwriteslinuxrpm-upgrade-python-automatonlinuxrpm-upgrade-python-autopagelinuxrpm-upgrade-python-bcryptlinuxrpm-upgrade-python-beautifulsoup4linuxrpm-upgrade-python-betamaxlinuxrpm-upgrade-python-cachetoolslinuxrpm-upgrade-python-caselinuxrpm-upgrade-python-cinderclientlinuxrpm-upgrade-python-clicklinuxrpm-upgrade-python-clifflinuxrpm-upgrade-python-cmd2linuxrpm-upgrade-python-coloramalinuxrpm-upgrade-python-constructlinuxrpm-upgrade-python-contextlib2linuxrpm-upgrade-python-coveragelinuxrpm-upgrade-python-dataclasseslinuxrpm-upgrade-python-ddtlinuxrpm-upgrade-python-debtcollectorlinuxrpm-upgrade-python-decoratorlinuxrpm-upgrade-python-defusedxmllinuxrpm-upgrade-python-distliblinuxrpm-upgrade-python-dogpile-cachelinuxrpm-upgrade-python-dracclientlinuxrpm-upgrade-python-editorlinuxrpm-upgrade-python-entrypointslinuxrpm-upgrade-python-eventletlinuxrpm-upgrade-python-execnetlinuxrpm-upgrade-python-extraslinuxrpm-upgrade-python-fastenerslinuxrpm-upgrade-python-filelocklinuxrpm-upgrade-python-fixtureslinuxrpm-upgrade-python-flake8linuxrpm-upgrade-python-flasklinuxrpm-upgrade-python-flitlinuxrpm-upgrade-python-freezegunlinuxrpm-upgrade-python-funcsigslinuxrpm-upgrade-python-futuristlinuxrpm-upgrade-python-geventlinuxrpm-upgrade-python-glanceclientlinuxrpm-upgrade-python-greenletlinuxrpm-upgrade-python-gunicornlinuxrpm-upgrade-python-hackinglinuxrpm-upgrade-python-hardwarelinuxrpm-upgrade-python-html5liblinuxrpm-upgrade-python-hypothesislinuxrpm-upgrade-python-ifaddrlinuxrpm-upgrade-python-importlib-metadatalinuxrpm-upgrade-python-ironic-liblinuxrpm-upgrade-python-ironic-prometheus-exporterlinuxrpm-upgrade-python-ironicclientlinuxrpm-upgrade-python-iso8601linuxrpm-upgrade-python-itsdangerouslinuxrpm-upgrade-python-jinja2linuxrpm-upgrade-python-jsonpath-rwlinuxrpm-upgrade-python-kafkalinuxrpm-upgrade-python-kazoolinuxrpm-upgrade-python-kerberoslinuxrpm-upgrade-python-keyringlinuxrpm-upgrade-python-keystoneauth1linuxrpm-upgrade-python-keystoneclientlinuxrpm-upgrade-python-keystonemiddlewarelinuxrpm-upgrade-python-kiwisolverlinuxrpm-upgrade-python-kombulinuxrpm-upgrade-python-linecache2linuxrpm-upgrade-python-logutilslinuxrpm-upgrade-python-markupsafelinuxrpm-upgrade-python-mccabelinuxrpm-upgrade-python-memcachedlinuxrpm-upgrade-python-migratelinuxrpm-upgrade-python-mimeparselinuxrpm-upgrade-python-mocklinuxrpm-upgrade-python-monotoniclinuxrpm-upgrade-python-more-itertoolslinuxrpm-upgrade-python-mox3linuxrpm-upgrade-python-msgpacklinuxrpm-upgrade-python-munchlinuxrpm-upgrade-python-neutronclientlinuxrpm-upgrade-python-noselinuxrpm-upgrade-python-nose-cover3linuxrpm-upgrade-python-openstacksdklinuxrpm-upgrade-python-os-client-configlinuxrpm-upgrade-python-os-service-typeslinuxrpm-upgrade-python-os-traitslinuxrpm-upgrade-python-osc-liblinuxrpm-upgrade-python-oslo-cachelinuxrpm-upgrade-python-oslo-concurrencylinuxrpm-upgrade-python-oslo-configlinuxrpm-upgrade-python-oslo-contextlinuxrpm-upgrade-python-oslo-dblinuxrpm-upgrade-python-oslo-i18nlinuxrpm-upgrade-python-oslo-loglinuxrpm-upgrade-python-oslo-messaginglinuxrpm-upgrade-python-oslo-metricslinuxrpm-upgrade-python-oslo-middlewarelinuxrpm-upgrade-python-oslo-policylinuxrpm-upgrade-python-oslo-reportslinuxrpm-upgrade-python-oslo-rootwraplinuxrpm-upgrade-python-oslo-serializationlinuxrpm-upgrade-python-oslo-servicelinuxrpm-upgrade-python-oslo-upgradechecklinuxrpm-upgrade-python-oslo-utilslinuxrpm-upgrade-python-oslo-versionedobjectslinuxrpm-upgrade-python-oslotestlinuxrpm-upgrade-python-osprofilerlinuxrpm-upgrade-python-pastelinuxrpm-upgrade-python-paste-deploylinuxrpm-upgrade-python-pbrlinuxrpm-upgrade-python-pecanlinuxrpm-upgrade-python-pexpectlinuxrpm-upgrade-python-pintlinuxrpm-upgrade-python-pretendlinuxrpm-upgrade-python-proliantutilslinuxrpm-upgrade-python-prometheus_clientlinuxrpm-upgrade-python-pycadflinuxrpm-upgrade-python-pycodestylelinuxrpm-upgrade-python-pymemcachelinuxrpm-upgrade-python-pypercliplinuxrpm-upgrade-python-pytest-covlinuxrpm-upgrade-python-pytest-forkedlinuxrpm-upgrade-python-pytest-runnerlinuxrpm-upgrade-python-pytest-xdistlinuxrpm-upgrade-python-pytest-xprocesslinuxrpm-upgrade-python-redislinuxrpm-upgrade-python-repoze-lrulinuxrpm-upgrade-python-requests-kerberoslinuxrpm-upgrade-python-requests-mocklinuxrpm-upgrade-python-requests-unixsocketlinuxrpm-upgrade-python-requestsexceptionslinuxrpm-upgrade-python-retryinglinuxrpm-upgrade-python-rfc3986linuxrpm-upgrade-python-routeslinuxrpm-upgrade-python-scciclientlinuxrpm-upgrade-python-secretstoragelinuxrpm-upgrade-python-simplegenericlinuxrpm-upgrade-python-simplejsonlinuxrpm-upgrade-python-singledispatchlinuxrpm-upgrade-python-smilinuxrpm-upgrade-python-sortedcontainerslinuxrpm-upgrade-python-soupsievelinuxrpm-upgrade-python-sqlalchemylinuxrpm-upgrade-python-sqlparselinuxrpm-upgrade-python-statsdlinuxrpm-upgrade-python-stestrlinuxrpm-upgrade-python-stevedorelinuxrpm-upgrade-python-surelinuxrpm-upgrade-python-sushylinuxrpm-upgrade-python-sushy-oem-idraclinuxrpm-upgrade-python-swiftclientlinuxrpm-upgrade-python-tempitalinuxrpm-upgrade-python-tenacitylinuxrpm-upgrade-python-testrepositorylinuxrpm-upgrade-python-testresourceslinuxrpm-upgrade-python-testscenarioslinuxrpm-upgrade-python-testtoolslinuxrpm-upgrade-python-toozlinuxrpm-upgrade-python-tornadolinuxrpm-upgrade-python-toxlinuxrpm-upgrade-python-tox-current-envlinuxrpm-upgrade-python-traceback2linuxrpm-upgrade-python-typeguardlinuxrpm-upgrade-python-typing-extensionslinuxrpm-upgrade-python-unittest2linuxrpm-upgrade-python-vinelinuxrpm-upgrade-python-virtualenvlinuxrpm-upgrade-python-voluptuouslinuxrpm-upgrade-python-waitresslinuxrpm-upgrade-python-warlocklinuxrpm-upgrade-python-wcwidthlinuxrpm-upgrade-python-webencodingslinuxrpm-upgrade-python-weboblinuxrpm-upgrade-python-webtestlinuxrpm-upgrade-python-werkzeuglinuxrpm-upgrade-python-wraptlinuxrpm-upgrade-python-wsmelinuxrpm-upgrade-python-yappilinuxrpm-upgrade-python-zakelinuxrpm-upgrade-python-zeroconflinuxrpm-upgrade-python-zipplinuxrpm-upgrade-python-zope-eventlinuxrpm-upgrade-python-zope-interfacelinuxrpm-upgrade-python-zope-testinglinuxrpm-upgrade-subunit
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.