CVE-2022-4134 - Vulnerability Details - OpenCVE

A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00091.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Openstack	Glance
Redhat	Openstack

Configuration 1 [-]

OR	cpe:2.3:a:openstack:glance::::::::
	cpe:2.3:a:redhat:openstack:13:::::::*
	cpe:2.3:a:redhat:openstack:16.1:::::::*
	cpe:2.3:a:redhat:openstack:16.2:-::::::
	cpe:2.3:a:redhat:openstack:17:::::::*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-0288	A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images.
Github GHSA	GHSA-5gp5-vxj6-4257	OpenStack Glance Inclusion of Functionality from Untrusted Control Sphere vulnerability

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://bugs.launchpad.net/glance/+bug/1990157
https://bugzilla.redhat.com/show_bug.cgi?id=2147462
https://nvd.nist.gov/vuln/detail/CVE-2022-4134
https://wiki.openstack.org/wiki/OSSN/OSSN-0090
https://www.cve.org/CVERecord?id=CVE-2022-4134

History

Thu, 06 Mar 2025 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2023-03-06T00:00:00.000Z

Updated: 2025-03-06T19:53:42.138Z

Reserved: 2022-11-23T00:00:00.000Z

Link: CVE-2022-4134

Vulnrichment

Updated: 2024-08-03T01:27:54.483Z

NVD

Status : Modified

Published: 2023-03-06T23:15:11.313

Modified: 2025-03-06T20:15:37.757

Link: CVE-2022-4134

Redhat

Severity : Moderate

Publid Date: 2022-10-14T00:00:00Z

Links: CVE-2022-4134 - Bugzilla

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-4134", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2025-03-06T19:53:42.138Z", "dateReserved": "2022-11-23T00:00:00.000Z", "datePublished": "2023-03-06T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-03-06T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images."}], "affected": [{"vendor": "n/a", "product": "openstack", "versions": [{"version": "As shipped with Red Hat Openstack 13, 16.1, 16.2, and 17.", "status": "affected"}]}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2147462"}, {"url": "https://bugs.launchpad.net/glance/+bug/1990157"}, {"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0090"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-829", "cweId": "CWE-829"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:27:54.483Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2147462", "tags": ["x_transferred"]}, {"url": "https://bugs.launchpad.net/glance/+bug/1990157", "tags": ["x_transferred"]}, {"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0090", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-829", "lang": "en", "description": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.8, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-03-06T19:53:36.994898Z", "id": "CVE-2022-4134", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-06T19:53:42.138Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2147462", "tags": ["x_transferred"]}, {"url": "https://bugs.launchpad.net/glance/+bug/1990157", "tags": ["x_transferred"]}, {"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0090", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T01:27:54.483Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.8, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-4134", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-06T19:53:36.994898Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-829", "description": "CWE-829 Inclusion of Functionality from Untrusted Control Sphere"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-06T19:52:43.076Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "openstack", "versions": [{"status": "affected", "version": "As shipped with Red Hat Openstack 13, 16.1, 16.2, and 17."}]}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2147462"}, {"url": "https://bugs.launchpad.net/glance/+bug/1990157"}, {"url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0090"}], "descriptions": [{"lang": "en", "value": "A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-829", "description": "CWE-829"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-03-06T00:00:00.000Z"}}}, "cveMetadata": {"cveId": "CVE-2022-4134", "state": "PUBLISHED", "dateUpdated": "2025-03-06T19:53:42.138Z", "dateReserved": "2022-11-23T00:00:00.000Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2023-03-06T00:00:00.000Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openstack:glance:*:*:*:*:*:*:*:*", "matchCriteriaId": "884E775E-5475-43E8-BFA9-8701C49847A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", "matchCriteriaId": "704CFA1A-953E-4105-BFBE-406034B83DED", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack:16.1:*:*:*:*:*:*:*", "matchCriteriaId": "C9D3F4FF-AD3D-4D17-93E8-84CAFCED2F59", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack:16.2:-:*:*:*:*:*:*", "matchCriteriaId": "FFE398FE-EE7C-4B64-ABB6-24697E047C85", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack:17:*:*:*:*:*:*:*", "matchCriteriaId": "BC12AF01-CCDD-4AB6-8F44-32058A63BAFB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images."}], "id": "CVE-2022-4134", "lastModified": "2025-03-06T20:15:37.757", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.8, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.8, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-03-06T23:15:11.313", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking"], "url": "https://bugs.launchpad.net/glance/+bug/1990157"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2147462"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0090"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugs.launchpad.net/glance/+bug/1990157"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2147462"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0090"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-829"}], "source": "secalert@redhat.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-829"}], "source": "nvd@nist.gov", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-829"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Primary"}]}

{"bugzilla": {"description": "openstack: glance & ceph conflict which allows image tampering", "id": "2147462", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2147462"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N", "status": "draft"}, "cwe": "CWE-829", "details": ["A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images.", "A flaw was found in openstack-glance. This issue could allow a remote, authenticated attacker to tamper with images, compromising the integrity of virtual machines created using these modified images."], "mitigation": {"lang": "en:us", "value": "There are two options:\n1. Manually disable the show_multiple_locations configuration setting (change it to false). \n2. Keep show_multiple_locations enabled, but restrict the glance-api service from being exposed directly to end users. Refer the upstream OSSN listed in the external references section for further details."}, "name": "CVE-2022-4134", "package_state": [{"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Will not fix", "package_name": "openstack-glance", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Will not fix", "package_name": "openstack-glance", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Fix deferred", "package_name": "openstack-glance", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:17.0", "fix_state": "Fix deferred", "package_name": "openstack-glance", "product_name": "Red Hat OpenStack Platform 17.0"}], "public_date": "2022-10-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-4134\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-4134\nhttps://bugs.launchpad.net/glance/+bug/1990157\nhttps://wiki.openstack.org/wiki/OSSN/OSSN-0090"], "statement": "You must be using Ceph as a backend to be affected by this flaw.\nAs this flaw would involve significant architectural changes, the impact is moderate. A fix will not be produced for Red Hat OpenStack Platform 16.2 and older releases. If you are concerned about the risk of this flaw against your environment, please follow guidance in the mitigation section, but understand this comes with performance tradeoffs.", "threat_severity": "Moderate"}