{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-2068","assignerOrgId":"3a12439a-ef3a-4c79-92e6-6081a721f1e5","assignerShortName":"openssl","dateUpdated":"2025-12-30T04:55:27.130Z","dateReserved":"2022-06-13T00:00:00.000Z","datePublished":"2022-06-21T14:45:20.597Z"},"containers":{"cna":{"title":"The c_rehash script allows command injection","datePublic":"2022-06-21T00:00:00.000Z","providerMetadata":{"orgId":"3a12439a-ef3a-4c79-92e6-6081a721f1e5","shortName":"openssl","dateUpdated":"2023-01-10T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze)."}],"affected":[{"vendor":"OpenSSL","product":"OpenSSL","versions":[{"version":"Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3)","status":"affected"},{"version":"Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o)","status":"affected"},{"version":"Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze)","status":"affected"}]}],"references":[{"url":"https://www.openssl.org/news/secadv/20220621.txt"},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa"},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7"},{"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9"},{"name":"DSA-5169","tags":["vendor-advisory"],"url":"https://www.debian.org/security/2022/dsa-5169"},{"name":"FEDORA-2022-3b7d0abd0b","tags":["vendor-advisory"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/"},{"url":"https://security.netapp.com/advisory/ntap-20220707-0008/"},{"name":"FEDORA-2022-41890e9e44","tags":["vendor-advisory"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"}],"credits":[{"lang":"en","value":"Chancen (Qingteng 73lab)"}],"metrics":[{"other":{"type":"unknown","content":{"lang":"eng","url":"https://www.openssl.org/policies/secpolicy.html#Moderate","value":"Moderate"}}}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"Command injection"}]}]},"adp":[{"title":"CVE Program Container","references":[{"url":"https://gitlab.com/fraf0/cve-2022-1292-re_score-analysis"},{"tags":["x_transferred"],"url":"https://www.openssl.org/news/secadv/20220621.txt"},{"tags":["x_transferred"],"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfa"},{"tags":["x_transferred"],"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7"},{"tags":["x_transferred"],"url":"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9"},{"name":"DSA-5169","tags":["vendor-advisory","x_transferred"],"url":"https://www.debian.org/security/2022/dsa-5169"},{"name":"FEDORA-2022-3b7d0abd0b","tags":["vendor-advisory","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WZZBKUHQFGSKGNXXKICSRPL7AMVW5M5/"},{"tags":["x_transferred"],"url":"https://security.netapp.com/advisory/ntap-20220707-0008/"},{"name":"FEDORA-2022-41890e9e44","tags":["vendor-advisory","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/"},{"tags":["x_transferred"],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf"},{"url":"http://seclists.org/fulldisclosure/2024/Nov/0"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T21:45:47.155Z"}},{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-78","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":9.8,"attackVector":"NETWORK","baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2023-07-21T00:00:00+00:00","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3","id":"CVE-2022-2068"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-12-30T04:55:27.130Z"}}]}}