Vulnerability Name:

CVE-2022-2068 (CCN-226018)

Assigned:2022-06-21
Published:2022-06-21
Updated:2023-03-01
Summary:In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).
CVSS v3 Severity:9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
6.7 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
5.8 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): High
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-77
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2022-2068

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Source: XF
Type: UNKNOWN
openssl-cve20222068-command-exec(226018)

Source: openssl-security@openssl.org
Type: Mailing List, Patch, Vendor Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Broken Link
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Mailing List, Patch, Vendor Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Mailing List, Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Mailing List, Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Source: openssl-security@openssl.org
Type: Third Party Advisory
openssl-security@openssl.org

Source: CCN
Type: IBM Security Bulletin 6601509 (App Connect Professional)
OpenSSL vulnerability affects App Connect professional v7.5.4.

Source: CCN
Type: IBM Security Bulletin 6607559 (i)
OpenSSL for IBM i is vulnerable to arbitrary command execution (CVE-2022-2068)

Source: CCN
Type: IBM Security Bulletin 6613431 (AIX)
AIX is vulnerable to arbitrary command execution (CVE-2022-1292 and CVE-2022-2068) or an attacker may obtain sensitive information (CVE-2022-2097) due to OpenSSL

Source: CCN
Type: IBM Security Bulletin 6613565 (Spectrum Control)
IBM Spectrum Control is vulnerable to multiple weaknesses related to IBM WebSphere Application Server Liberty and OpenSSL (CVE-2022-2068, CVE-2022-2097, CVE-2022-22475)

Source: CCN
Type: IBM Security Bulletin 6616631 (MQ Operator)
BM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from openssl, pcre2 and Golang Go

Source: CCN
Type: IBM Security Bulletin 6619903 (Spectrum Copy Data Management)
Vulnerabilities in Linux Kernel and OpenSSL may affect IBM Spectrum Copy Data Management

Source: CCN
Type: IBM Security Bulletin 6619915 (Spectrum Protect Plus)
Vulnerabilities in Linux Kernel, OpenSSL, Golang Go, and Zlib may affect IBM Spectrum Protect Plus

Source: CCN
Type: IBM Security Bulletin 6619953 (WIoTP MessageGateway)
Vulnerabilities in openSSL and WebSphere Liberty affect IBM WIoTP MessageGateway (CVE-2022-22476 CVE-2019-11777 CVE-2022-22475 CVE-2022-2097 CVE-2022-2068 CVE-2022-1292)

Source: CCN
Type: IBM Security Bulletin 6620289 (Sterling Connect:Direct for UNIX)
IBM Sterling Connect:Direct for UNIX Container is vulnerable to execute arbitrary commands due to OpenSSL (CVE-2022-2068)

Source: CCN
Type: IBM Security Bulletin 6622079 (Spectrum Protect Plus)
Vulnerabilities in OpenSSL affect IBM Spectrum Protect Plus SQL, File Indexing, and Windows Host agents

Source: CCN
Type: IBM Security Bulletin 6831591 (Robotic Process Automation)
Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak

Source: CCN
Type: IBM Security Bulletin 6837293 (App Connect Enterprise Certified Container)
IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution due to CVE-2022-2068

Source: CCN
Type: IBM Security Bulletin 6842263 (Netcool/System Service Monitor)
Multiple vulnerabilities in OpenSSL affect IBM Tivoli Netcool System Service Monitors/Application Service Monitors

Source: CCN
Type: IBM Security Bulletin 6844445 (Virtualization Engine TS7700 3957-VEC)
IBM Virtualization Engine TS7700 is vulnerable to a privilege escalation threat due to use of OpenSSL (CVE-2022-2068)

Source: CCN
Type: IBM Security Bulletin 6855297 (Security Verify Access)
IBM Security Verify Access Appliance includes components with known vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6855543 (Rational ClearQuest)
Vulnerabilities in OpenSSL affect IBM Rational ClearQuest (CVE-2022-2068, CVE-2022-2097)

Source: CCN
Type: IBM Security Bulletin 6855595 (Rational ClearCase)
Multiple vulnerabilities in OpenSSL affects IBM Rational ClearCase (CVE-2022-2097, CVE-2022-2068)

Source: CCN
Type: IBM Security Bulletin 6857607 (InfoSphere Information Server)
Multiple vulnerabilities in OpenSSL affect IBM InfoSphere Information Server

Source: CCN
Type: IBM Security Bulletin 6890831 (Watson Speech Services Cartridge for Cloud Pak for Data)
IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary command execution in OpenSSL (CVE-2022-2068)

Source: CCN
Type: IBM Security Bulletin 6952319 (Aspera Faspex)
IBM Aspera Faspex 4.4.2 PL2 has addressed multiple vulnerabilities (CVE-2022-28330, CVE-2023-22868, CVE-2022-30556, CVE-2022-31813, CVE-2022-30522, CVE-2022-47986, CVE-2022-28615, CVE-2022-26377, CVE-2018-25032, CVE-2022-2068)

Source: CCN
Type: IBM Security Bulletin 6952339 (Aspera Orchestrator)
IBM Aspera Orchestrator affected by OpenSSL vulnerability (CVE-2022-2068)

Source: CCN
Type: IBM Security Bulletin 6982841 (Netcool Operations Insight)
Netcool Operations Insight v1.6.8 addresses multiple security vulnerabilities.

Source: CCN
Type: OpenSSL Security Advisory [21 June 2022]
OpenSSL Security Advisory [21 June 2022]

Source: openssl-security@openssl.org
Type: Vendor Advisory
openssl-security@openssl.org

Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*
    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*
    • Configuration RedHat 3:
  • cpe:/a:redhat:enterprise_linux:9:*:*:*:*:*:*:*
    • Configuration RedHat 4:
  • cpe:/a:redhat:enterprise_linux:9::appstream:*:*:*:*:*
    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:9:*:*:*:*:*:*:*
    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:9::baseos:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:openssl:openssl:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:openssl:openssl:3.0.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:ibm:aix:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:netcool/system_service_monitor:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearquest:9.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spectrum_protect_plus:10.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:sterling_connect:direct:4.3.0:*:*:*:unix:*:*:*
  • OR cpe:/a:ibm:sterling_connect:direct:6.0.0:*:*:*:unix:*:*:*
  • OR cpe:/o:ibm:i:7.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:vios:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_clearquest:9.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.1.0:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:aix:7.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:spectrum_copy_data_management:2.2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:robotic_process_automation:21.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:robotic_process_automation:21.0.2:*:*:*:*:*:*:*
  • OR cpe:/o:ibm:i:7.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:aspera_faspex:4.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:app_connect_enterprise_certified_container:4.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:app_connect_enterprise_certified_container:4.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:robotic_process_automation:21.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:robotic_process_automation:21.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.0:*:*:*:lts:*:*:*
  • OR cpe:/a:ibm:app_connect_enterprise_certified_container:5.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_verify_access:10.0.4.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:7630
    P
    		libopenssl-1_1-devel-1.1.1l-150500.15.4 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:7631
    P
    		libopenssl-3-devel-3.0.8-150500.3.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:8084
    P
    		libopenssl-1_0_0-devel-1.0.2p-150000.3.73.1 on GA media (Moderate)
    2023-06-12
    oval:com.redhat.rhsa:def:20226224
    P
    		RHSA-2022:6224: openssl security and bug fix update (Moderate)
    2022-08-30
    oval:com.redhat.rhsa:def:20225818
    P
    		RHSA-2022:5818: openssl security update (Moderate)
    2022-08-03
    oval:org.opensuse.security:def:119620
    P
    		Security update for openssl-1_0_0 (Moderate)
    2022-07-07
    oval:org.opensuse.security:def:95348
    P
    		Security update for openssl-1_0_0 (Moderate)
    2022-07-07
    oval:org.opensuse.security:def:119435
    P
    		Security update for openssl-1_0_0 (Moderate)
    2022-07-07
    oval:org.opensuse.security:def:3718
    P
    		Security update for openssl-1_0_0 (Moderate)
    2022-07-07
    oval:org.opensuse.security:def:563
    P
    		Security update for openssl-1_0_0 (Moderate)
    2022-07-07
    oval:org.opensuse.security:def:94043
    P
    		 (Important)
    2022-07-06
    oval:org.opensuse.security:def:95257
    P
    		Security update for openssl-1_1 (Important)
    2022-07-06
    oval:org.opensuse.security:def:93468
    P
    		 (Important)
    2022-07-06
    oval:org.opensuse.security:def:3625
    P
    		Security update for openssl-3 (Important)
    2022-07-06
    oval:org.opensuse.security:def:94255
    P
    		 (Important)
    2022-07-06
    oval:org.opensuse.security:def:558
    P
    		Security update for openssl-3 (Important)
    2022-07-06
    oval:org.opensuse.security:def:93622
    P
    		 (Important)
    2022-07-06
    oval:org.opensuse.security:def:3627
    P
    		Security update for openssl-1_1 (Important)
    2022-07-06
    oval:org.opensuse.security:def:94464
    P
    		 (Important)
    2022-07-06
    oval:org.opensuse.security:def:93150
    P
    		 (Important)
    2022-07-06
    oval:org.opensuse.security:def:560
    P
    		Security update for openssl-1_1 (Important)
    2022-07-06
    oval:org.opensuse.security:def:93829
    P
    		 (Important)
    2022-07-06
    oval:org.opensuse.security:def:95255
    P
    		Security update for openssl-3 (Important)
    2022-07-06
    oval:org.opensuse.security:def:93310
    P
    		 (Important)
    2022-07-06
    oval:org.opensuse.security:def:42306
    P
    		Security update for openssl-1_1 (Moderate)
    2022-07-04
    oval:org.opensuse.security:def:119429
    P
    		Security update for openssl-1_1 (Moderate)
    2022-07-04
    oval:org.opensuse.security:def:42402
    P
    		Security update for openssl-1_1 (Moderate)
    2022-07-04
    oval:org.opensuse.security:def:118744
    P
    		Security update for openssl-1_1 (Moderate)
    2022-07-04
    oval:org.opensuse.security:def:118934
    P
    		Security update for openssl-1_1 (Moderate)
    2022-07-04
    oval:org.opensuse.security:def:119614
    P
    		Security update for openssl-1_1 (Moderate)
    2022-07-04
    oval:org.opensuse.security:def:43638
    P
    		Security update for openssl-1_1 (Moderate)
    2022-07-04
    oval:org.opensuse.security:def:119239
    P
    		Security update for openssl-1_1 (Moderate)
    2022-07-04
    oval:org.opensuse.security:def:4755
    P
    		Security update for openssl-1_0_0 (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:125744
    P
    		Security update for openssl-1_0_0 (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:127305
    P
    		Security update for openssl-1_1 (Moderate)
    2022-06-24
    oval:org.opensuse.security:def:6083
    P
    		Security update for openssl-1_1 (Moderate)
    2022-06-24
    oval:org.opensuse.security:def:126907
    P
    		Security update for openssl (Moderate)
    2022-06-24
    oval:org.opensuse.security:def:5282
    P
    		Security update for openssl (Moderate)
    2022-06-24
    oval:org.opensuse.security:def:125741
    P
    		Security update for openssl (Moderate)
    2022-06-24
    oval:org.opensuse.security:def:126908
    P
    		Security update for openssl-1_1 (Moderate)
    2022-06-24
    oval:org.opensuse.security:def:5283
    P
    		Security update for openssl-1_1 (Moderate)
    2022-06-24
    oval:org.opensuse.security:def:125742
    P
    		Security update for openssl-1_1 (Moderate)
    2022-06-24
    oval:org.opensuse.security:def:127304
    P
    		Security update for openssl (Moderate)
    2022-06-24
    oval:org.opensuse.security:def:6082
    P
    		Security update for openssl (Moderate)
    2022-06-24
    oval:org.opensuse.security:def:926
    P
    		Security update for openssl-1_1 (Moderate) (in QA)
    2022-06-20
    oval:org.opensuse.security:def:1240
    P
    		Security update for openssl-1_0_0 (Moderate) (in QA)
    2022-06-20
    BACK
    openssl openssl 1.1.1
    openssl openssl 1.0.2
    openssl openssl 3.0.0
    ibm aix 7.1
    ibm i 7.2
    ibm netcool/system service monitor 4.0.1
    ibm i 7.3
    ibm aix 7.2
    ibm rational clearquest 9.0.1
    ibm infosphere information server 11.7
    ibm spectrum protect plus 10.1.0
    ibm sterling connect:direct 4.3.0
    ibm sterling connect:direct 6.0.0
    ibm i 7.4
    ibm vios 3.1
    ibm rational clearquest 9.0.2
    ibm security verify access 10.0.2.0
    ibm security verify access 10.0.0.0
    ibm security verify access 10.0.1.0
    ibm aix 7.3
    ibm spectrum copy data management 2.2.0.0
    ibm robotic process automation 21.0.1
    ibm robotic process automation 21.0.2
    ibm i 7.5
    ibm aspera faspex 4.4.1
    ibm app connect enterprise certified container 4.1
    ibm app connect enterprise certified container 4.2
    ibm security verify access 10.0.3.0
    ibm robotic process automation 21.0.3
    ibm robotic process automation 21.0.4
    ibm app connect enterprise certified container 5.0
    ibm app connect enterprise certified container 5.1
    ibm security verify access 10.0.4.0