CVE-2022-47950
Published: 18 January 2023
An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This impacts both s3api deployments (Rocky or later), and swift3 deployments (Queens and earlier, no longer actively developed).
Notes
| Author | Note |
|---|---|
| mdeslaur | s3api was introduced in 2.18, and swift3 was not shipped by Ubuntu |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
swift Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(code not present)
|
| focal |
Released
(2.25.2-0ubuntu1.1)
|
|
| jammy |
Released
(2.29.2-0ubuntu1)
|
|
| kinetic |
Released
(2.30.1-0ubuntu1)
|
|
| lunar |
Released
(2.31.0+git2023020814.488f8c83-0ubuntu1)
|
|
| mantic |
Released
(2.31.0+git2023020814.488f8c83-0ubuntu1)
|
|
| trusty |
Ignored
(end of standard support)
|
|
| upstream |
Released
(2.31.0,2.30.1,2.29.2,2.28.1)
|
|
| xenial |
Needed
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 6.5 |
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | None |
| Availability impact | None |
| Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |