CVE-2022-4039

Summary

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code and access and modify potentially sensitive information in the app server configuration.

Affected Software

VendorProductVersion RangeStatus
Red HatRHEL-8 based Middleware Containers7.6-20 < *unaffected

Weaknesses

  • CWE-276: Incorrect Default Permissions

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References