Lucene search
HistoryDec 06, 2022 - 12:15 a.m.
CVE-2022-38336
cve-2022-38336
mobaxterm
access control
ssh
sftp
authentication issue
nvd
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
69.6%
An access control issue in MobaXterm before v22.1 allows attackers to make connections to the server via the SSH or SFTP protocols without authentication.
Affected configurations
Node
mobatekmobaxtermRange<22.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| mobatek:mobaxterm | mobatek mobaxterm | lt | 22.2 |
Related
prion
prion
Authentication flaw
2022-12-06 00:15:00
nvd
nvd
CVE-2022-38336
2022-12-06 00:15:10
cvelist
cvelist
CVE-2022-38336
2022-12-05 00:00:00
nessus
nessus
Mobatek MobaXterm < 22.2 (CVE-2022-38336)
2024-03-15 00:00:00
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.9 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
69.6%
Related for CVE-2022-38336