CVE-2022-2553 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2022-2553 Interim 1 13 2025-02-16T03:25:26Z current 2022-07-28T23:34:28Z 2025-02-16T03:25:26Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2022-2553 The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2022-August/011727.html E-Mail link for SUSE-SU-2022:2605-1 https://lists.suse.com/pipermail/sle-security-updates/2022-August/011730.html E-Mail link for SUSE-SU-2022:2606-1 https://lists.suse.com/pipermail/sle-security-updates/2022-August/011734.html E-Mail link for SUSE-SU-2022:2607-1 https://lists.suse.com/pipermail/sle-security-updates/2022-August/011729.html E-Mail link for SUSE-SU-2022:2608-1 https://lists.suse.com/pipermail/sle-security-updates/2022-August/011726.html E-Mail link for SUSE-SU-2022:2609-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Liberty Linux 8 SUSE Liberty Linux 9 SUSE Linux Enterprise High Availability Extension 15 SUSE Linux Enterprise High Availability Extension 15 SP1 SUSE Linux Enterprise High Availability Extension 15 SP2 SUSE Linux Enterprise High Availability Extension 15 SP3 SUSE Linux Enterprise High Availability Extension 15 SP4 SUSE Linux Enterprise High Availability GEO Extension 12 SP4 SUSE Linux Enterprise High Availability GEO Extension 12 SP5 openSUSE Leap 15.3 openSUSE Leap 15.4 openSUSE Tumbleweed booth-1.0+20210519.bfb2f92-150400.3.3.1 booth-1.0+20220724.dce51f9-1.1 booth-1.0-150000.6.3.1 booth-1.0-150100.11.3.1 booth-1.0-150300.18.3.1 booth-1.0-199.1.ac1d34c.git.el8_6.1 booth-1.0-251.3.bfb2f92.git.el9_0.1 booth-1.0-42.3.1 booth-arbitrator-1.0-199.1.ac1d34c.git.el8_6.1 booth-arbitrator-1.0-251.3.bfb2f92.git.el9_0.1 booth-core-1.0-199.1.ac1d34c.git.el8_6.1 booth-core-1.0-251.3.bfb2f92.git.el9_0.1 booth-site-1.0-199.1.ac1d34c.git.el8_6.1 booth-site-1.0-251.3.bfb2f92.git.el9_0.1 booth-test-1.0+20210519.bfb2f92-150400.3.3.1 booth-test-1.0+20220724.dce51f9-1.1 booth-test-1.0-150300.18.3.1 booth-test-1.0-199.1.ac1d34c.git.el8_6.1 booth-test-1.0-251.3.bfb2f92.git.el9_0.1 booth-1.0-199.1.ac1d34c.git.el8_6.1 as a component of SUSE Liberty Linux 8 booth-arbitrator-1.0-199.1.ac1d34c.git.el8_6.1 as a component of SUSE Liberty Linux 8 booth-core-1.0-199.1.ac1d34c.git.el8_6.1 as a component of SUSE Liberty Linux 8 booth-site-1.0-199.1.ac1d34c.git.el8_6.1 as a component of SUSE Liberty Linux 8 booth-test-1.0-199.1.ac1d34c.git.el8_6.1 as a component of SUSE Liberty Linux 8 booth-1.0-251.3.bfb2f92.git.el9_0.1 as a component of SUSE Liberty Linux 9 booth-arbitrator-1.0-251.3.bfb2f92.git.el9_0.1 as a component of SUSE Liberty Linux 9 booth-core-1.0-251.3.bfb2f92.git.el9_0.1 as a component of SUSE Liberty Linux 9 booth-site-1.0-251.3.bfb2f92.git.el9_0.1 as a component of SUSE Liberty Linux 9 booth-test-1.0-251.3.bfb2f92.git.el9_0.1 as a component of SUSE Liberty Linux 9 booth-1.0-150000.6.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 booth-1.0-150100.11.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP1 booth-1.0-150100.11.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP2 booth-1.0-150300.18.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP3 booth-1.0+20210519.bfb2f92-150400.3.3.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP4 booth-1.0-42.3.1 as a component of SUSE Linux Enterprise High Availability GEO Extension 12 SP4 booth-1.0-42.3.1 as a component of SUSE Linux Enterprise High Availability GEO Extension 12 SP5 booth-1.0-150300.18.3.1 as a component of openSUSE Leap 15.3 booth-test-1.0-150300.18.3.1 as a component of openSUSE Leap 15.3 booth-1.0+20210519.bfb2f92-150400.3.3.1 as a component of openSUSE Leap 15.4 booth-test-1.0+20210519.bfb2f92-150400.3.3.1 as a component of openSUSE Leap 15.4 booth-1.0+20220724.dce51f9-1.1 as a component of openSUSE Tumbleweed booth-test-1.0+20220724.dce51f9-1.1 as a component of openSUSE Tumbleweed The authfile directive in the booth config file is ignored, preventing use of authentication in communications from node to node. As a result, nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster. CVE-2022-2553 SUSE Liberty Linux 8:booth-1.0-199.1.ac1d34c.git.el8_6.1 SUSE Liberty Linux 8:booth-arbitrator-1.0-199.1.ac1d34c.git.el8_6.1 SUSE Liberty Linux 8:booth-core-1.0-199.1.ac1d34c.git.el8_6.1 SUSE Liberty Linux 8:booth-site-1.0-199.1.ac1d34c.git.el8_6.1 SUSE Liberty Linux 8:booth-test-1.0-199.1.ac1d34c.git.el8_6.1 SUSE Liberty Linux 9:booth-1.0-251.3.bfb2f92.git.el9_0.1 SUSE Liberty Linux 9:booth-arbitrator-1.0-251.3.bfb2f92.git.el9_0.1 SUSE Liberty Linux 9:booth-core-1.0-251.3.bfb2f92.git.el9_0.1 SUSE Liberty Linux 9:booth-site-1.0-251.3.bfb2f92.git.el9_0.1 SUSE Liberty Linux 9:booth-test-1.0-251.3.bfb2f92.git.el9_0.1 SUSE Linux Enterprise High Availability Extension 15:booth-1.0-150000.6.3.1 SUSE Linux Enterprise High Availability Extension 15 SP1:booth-1.0-150100.11.3.1 SUSE Linux Enterprise High Availability Extension 15 SP2:booth-1.0-150100.11.3.1 SUSE Linux Enterprise High Availability Extension 15 SP3:booth-1.0-150300.18.3.1 SUSE Linux Enterprise High Availability Extension 15 SP4:booth-1.0+20210519.bfb2f92-150400.3.3.1 SUSE Linux Enterprise High Availability GEO Extension 12 SP4:booth-1.0-42.3.1 SUSE Linux Enterprise High Availability GEO Extension 12 SP5:booth-1.0-42.3.1 openSUSE Leap 15.3:booth-1.0-150300.18.3.1 openSUSE Leap 15.3:booth-test-1.0-150300.18.3.1 openSUSE Leap 15.4:booth-1.0+20210519.bfb2f92-150400.3.3.1 openSUSE Leap 15.4:booth-test-1.0+20210519.bfb2f92-150400.3.3.1 openSUSE Tumbleweed:booth-1.0+20220724.dce51f9-1.1 openSUSE Tumbleweed:booth-test-1.0+20220724.dce51f9-1.1 moderate 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N