LIVEBOX Collaboration vDesk v018 bypasses Two-Factor Authentication for SAML Users on /login/backup_code and /api/v1/vdeskintegration/challenge endpoints. TOTP correctness not properly checked
Reporter | Title | Published | Views | Family All 4 |
---|---|---|---|---|
CVE | CVE-2022-45174 | 14 Apr 202314:15 | – | cve |
Prion | Code injection | 14 Apr 202314:15 | – | prion |
Cvelist | CVE-2022-45174 | 14 Apr 202300:00 | – | cvelist |
NVD | CVE-2022-45174 | 14 Apr 202314:15 | – | nvd |
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
Alpine | edge-community | noarch | vdesk | 1.2-r1 | UNKNOWN |
Alpine | 3.17-community | noarch | vdesk | 1.2-r1 | UNKNOWN |
Alpine | 3.18-community | noarch | vdesk | 1.2-r1 | UNKNOWN |
Alpine | 3.19-community | noarch | vdesk | 1.2-r1 | UNKNOWN |
Alpine | 3.20-community | noarch | vdesk | 1.2-r1 | UNKNOWN |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo