{
  "threat_severity" : "Moderate",
  "public_date" : "2024-07-11T00:00:00Z",
  "bugzilla" : {
    "description" : "nats-server: Negative user permissions not enforced in one scenario",
    "id" : "2297418",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2297418"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.4",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
    "status" : "draft"
  },
  "cwe" : "CWE-284",
  "details" : [ "NATS.io NATS Server before 2.8.2 and Streaming Server before 0.24.6 could allow a remote attacker to bypass security restrictions, caused by the failure to enforce negative user permissions in one scenario. By using a queue subscription on the wildcard, an attacker could exploit this vulnerability to allow denied subjects.", "A flaw was found in the NATS Server and NATS Streaming Server. Affected versions of this package could allow a remote attacker to bypass security restrictions due to a failure to enforce negative user permissions in one scenario. By using a queue subscription on the wildcard, an attacker could exploit this vulnerability to allow denied subjects." ],
  "package_state" : [ {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Affected",
    "package_name" : "odh-ml-pipelines-api-server-v2-container",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  }, {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Affected",
    "package_name" : "odh-ml-pipelines-driver-container",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  }, {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Affected",
    "package_name" : "odh-ml-pipelines-launcher-container",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  }, {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Affected",
    "package_name" : "odh-ml-pipelines-persistenceagent-v2-container",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  }, {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Affected",
    "package_name" : "odh-ml-pipelines-scheduledworkflow-v2-container",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/ose-contour-rhel8",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat Openshift Container Storage 4",
    "fix_state" : "Out of support scope",
    "package_name" : "ocs4/mcg-rhel8-operator",
    "cpe" : "cpe:/a:redhat:openshift_container_storage:4"
  }, {
    "product_name" : "Red Hat Openshift Container Storage 4",
    "fix_state" : "Out of support scope",
    "package_name" : "ocs4/ocs-must-gather-rhel8",
    "cpe" : "cpe:/a:redhat:openshift_container_storage:4"
  }, {
    "product_name" : "Red Hat Openshift Container Storage 4",
    "fix_state" : "Out of support scope",
    "package_name" : "ocs4/ocs-rhel8-operator",
    "cpe" : "cpe:/a:redhat:openshift_container_storage:4"
  }, {
    "product_name" : "Red Hat Trusted Profile Analyzer",
    "fix_state" : "Not affected",
    "package_name" : "trusted-content-tenant/trustification-guac",
    "cpe" : "cpe:/a:redhat:trusted_profile_analyzer:1"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-29946\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-29946\nhttps://github.com/nats-io/advisories/blob/main/CVE/CVE-2022-29946.txt" ],
  "name" : "CVE-2022-29946",
  "mitigation" : {
    "value" : "Recraft user permission rules to only add access, never deny it.",
    "lang" : "en:us"
  },
  "csaw" : false
}