{ "CVE_data_meta": { "ASSIGNER": "openssl-security@openssl.org", "DATE_PUBLIC": "2022-06-21", "ID": "CVE-2022-2068", "STATE": "PUBLIC", "TITLE": "The c_rehash script allows command injection" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "OpenSSL", "version": { "version_data": [ { "version_value": "Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3)" }, { "version_value": "Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o)" }, { "version_value": "Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze)" } ] } } ] }, "vendor_name": "OpenSSL" } ] } }, "credit": [ { "lang": "eng", "value": "Chancen (Qingteng 73lab)" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze)." } ] }, "impact": [ { "lang": "eng", "url": "https://www.openssl.org/policies/secpolicy.html#Moderate", "value": "Moderate" } ], "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Command injection" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.openssl.org/news/secadv/20220621.txt", "refsource": "CONFIRM", "url": "https://www.openssl.org/news/secadv/20220621.txt" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=2c9c35870601b4a44d86ddbf512b38df38285cfa" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9639817dac8bbbaa64d09efad7464ccc405527c7" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9" }, { "refsource": "DEBIAN", "name": "DSA-5169", "url": "https://www.debian.org/security/2022/dsa-5169" }, { "refsource": "FEDORA", "name": "FEDORA-2022-3b7d0abd0b", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/" }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20220707-0008/", "url": "https://security.netapp.com/advisory/ntap-20220707-0008/" }, { "refsource": "FEDORA", "name": "FEDORA-2022-41890e9e44", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/" }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf" } ] } }