Search for vulnerabilities
Vulnerability details: VCID-wvmv-p29j-aaap
Vulnerability ID VCID-wvmv-p29j-aaap
Aliases CVE-2022-2403
Summary CVE-2022-2403 openshift: oauth-serving-cert configmap contains cluster certificate private key
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2022:5664
rhas Important https://access.redhat.com/errata/RHSA-2022:5879
cvssv3 7.7 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2403.json
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00064 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0039 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.00487 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0063 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.0063 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
epss 0.01222 https://api.first.org/data/v1/epss?cve=CVE-2022-2403
cvssv3 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2403
cvssv3.1 6.5 https://nvd.nist.gov/vuln/detail/CVE-2022-2403
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2403.json
https://access.redhat.com/security/cve/CVE-2022-2403
https://api.first.org/data/v1/epss?cve=CVE-2022-2403
https://bugzilla.redhat.com/show_bug.cgi?id=2101959
cpe:2.3:a:redhat:openshift:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:*:*:*:*
CVE-2022-2403 https://nvd.nist.gov/vuln/detail/CVE-2022-2403
RHSA-2022:5664 https://access.redhat.com/errata/RHSA-2022:5664
RHSA-2022:5879 https://access.redhat.com/errata/RHSA-2022:5879
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2403.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-2403
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-2403
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.30072
EPSS Score 0.00064
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.