CVE-2022-46146

low-risk

Published 2022-11-29

Prometheus Exporter Toolkit is a utility package to build exporters. Prior to versions 0.7.2 and 0.8.2, if someone has access to a Prometheus web.yml file and users' bcrypted passwords, they can bypass security by poisoning the built-in authentication cache. Versions 0.7.2 and 0.8.2 contain a fix for the issue. There is no workaround, but attacker must have access to the hashed password to use this functionality.

Do I need to act?

0.21% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.2/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Exporter Toolkit

Affected Vendors

Prometheus

References (18)

Exploit http://www.openwall.com/lists/oss-security/2022/11/29/1

Exploit http://www.openwall.com/lists/oss-security/2022/11/29/2

Exploit http://www.openwall.com/lists/oss-security/2022/11/29/4

Patch https://github.com/prometheus/exporter-toolkit/commit/5b1eab34484ddd353986bce736...

Third Party Advisory https://github.com/prometheus/exporter-toolkit/security/advisories/GHSA-7rg2-cxv...

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

https://security.gentoo.org/glsa/202401-15

Exploit http://www.openwall.com/lists/oss-security/2022/11/29/1

Exploit http://www.openwall.com/lists/oss-security/2022/11/29/2

Exploit http://www.openwall.com/lists/oss-security/2022/11/29/4

Patch https://github.com/prometheus/exporter-toolkit/commit/5b1eab34484ddd353986bce736...

Third Party Advisory https://github.com/prometheus/exporter-toolkit/security/advisories/GHSA-7rg2-cxv...

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

https://security.gentoo.org/glsa/202401-15

/ 100

low-risk

Severity 20/34 · Moderate

Exploitability 1/34 · Minimal

Exposure 5/34 · Minimal