CVE-2022-4133 - Vulnerability Details - OpenCVE

Description

We were unable to verify this vulnerbility.

Published: n/a

Score: 0.0 Low

EPSS: n/a

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

No data.

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://nvd.nist.gov/vuln/detail/CVE-2022-4133
https://www.cve.org/CVERecord?id=CVE-2022-4133

History

No history.

Subscriptions

No data.

MITRE

Status: REJECTED

Assigner: redhat

Published: No published date

Updated: 2023-02-10T21:38:16.503Z

Reserved: 2022-11-23T23:13:00.674Z

Link: CVE-2022-4133

Vulnrichment

No data.

NVD

Status : Rejected

Published: 2023-02-11T01:23:26.057

Modified: 2023-11-07T03:57:01.190

Link: CVE-2022-4133

Redhat

Severity :

Publid Date: 2022-11-23T00:00:00Z

Links: CVE-2022-4133 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-80

{"bugzilla": {"description": "openstack-horizon: reflected XSS", "id": "2147389", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2147389"}, "csaw": false, "cvss3": {"cvss3_base_score": "0.0", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:N", "status": "draft"}, "cwe": "CWE-80", "details": ["A reflected Cross-site scripting (XSS) vulnerability was found in the Red Hat OpenStack Platform dashboard. This issue could allow an attacker to trick a user into pasting malicious code in the \u201cAllocation Pools\u201d instance."], "name": "CVE-2022-4133", "package_state": [{"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Not affected", "package_name": "openstack-horizon-base-container", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Not affected", "package_name": "puppet-horizon", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Not affected", "package_name": "python-django-horizon", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Not affected", "package_name": "python-horizon-tests-tempest", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Not affected", "package_name": "rhosp13/openstack-horizon", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Not affected", "package_name": "openstack-horizon-container", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Not affected", "package_name": "puppet-horizon", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Not affected", "package_name": "python-django-horizon", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Not affected", "package_name": "python-horizon-tests-tempest", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Not affected", "package_name": "python-networking-bgpvpn", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "openstack-designate-ui", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "openstack-heat-ui", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "openstack-horizon-container", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "openstack-manila-ui", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "openstack-octavia-ui", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "puppet-horizon", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "python-django-horizon", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "python-horizon-tests-tempest", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "python-networking-bgpvpn", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:17.0", "fix_state": "Not affected", "package_name": "openstack-designate-ui", "product_name": "Red Hat OpenStack Platform 17.0"}, {"cpe": "cpe:/a:redhat:openstack:17.0", "fix_state": "Not affected", "package_name": "openstack-heat-ui", "product_name": "Red Hat OpenStack Platform 17.0"}, {"cpe": "cpe:/a:redhat:openstack:17.0", "fix_state": "Not affected", "package_name": "openstack-horizon-container", "product_name": "Red Hat OpenStack Platform 17.0"}, {"cpe": "cpe:/a:redhat:openstack:17.0", "fix_state": "Not affected", "package_name": "openstack-manila-ui", "product_name": "Red Hat OpenStack Platform 17.0"}, {"cpe": "cpe:/a:redhat:openstack:17.0", "fix_state": "Not affected", "package_name": "openstack-octavia-ui", "product_name": "Red Hat OpenStack Platform 17.0"}, {"cpe": "cpe:/a:redhat:openstack:17.0", "fix_state": "Not affected", "package_name": "puppet-horizon", "product_name": "Red Hat OpenStack Platform 17.0"}, {"cpe": "cpe:/a:redhat:openstack:17.0", "fix_state": "Not affected", "package_name": "python-django-horizon", "product_name": "Red Hat OpenStack Platform 17.0"}, {"cpe": "cpe:/a:redhat:openstack:17.0", "fix_state": "Not affected", "package_name": "python-networking-bgpvpn", "product_name": "Red Hat OpenStack Platform 17.0"}], "public_date": "2022-11-23T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-4133\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-4133"], "statement": "Red Hat Product Security does not consider this to be a vulnerability."}