Lucene search
HistoryApr 14, 2023 - 3:15 p.m.
CVE-2022-3748
cve-2022-3748
improper authorization
forgerock inc.
access management
authentication bypass
nvd
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
45.6%
Improper Authorization vulnerability in ForgeRock Inc. Access Management allows Authentication Bypass.Β This issue affects Access Management: from 6.5.0 through 7.2.0.
Affected configurations
Node
forgerockaccess_managementRange6.5.0β7.2.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| forgerock:access_management | forgerock access management | le | 7.2.0 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Access Management",
"vendor": "ForgeRock Inc.",
"versions": [
{
"lessThanOrEqual": "7.2.0",
"status": "affected",
"version": "6.5.0",
"versionType": "semver"
}
]
}
]Related
nessus
nessus
ForgeRock Access Management 7.x Improper Authorization
2023-04-20 00:00:00
prion
prion
Authorization
2023-04-14 15:15:00
nvd
nvd
CVE-2022-3748
2023-04-14 15:15:07
cvelist
cvelist
CVE-2022-3748 Improper authorization that can lead to account impersonation
2023-04-14 14:06:30
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
45.6%
Related for CVE-2022-3748