Lucene search
@huntrdevCVELIST:CVE-2022-3327HistoryOct 19, 2022 - 12:00 a.m.
CVE-2022-3327 Missing Authentication for Critical Function in ikus060/rdiffweb
2022-10-1900:00:00
CWE-306
@huntrdev
www.cve.org
2
cve-2022-3327
missing authentication
ikus060/rdiffweb
CVSS3
4.5
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N
AI Score
9.8
Confidence
High
EPSS
0.002
Percentile
59.6%
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.
CNA Affected
[
{
"vendor": "ikus060",
"product": "ikus060/rdiffweb",
"versions": [
{
"version": "unspecified",
"lessThan": "2.5.0a6",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
osv
osv
Rdiffweb is missing authentication for critical function
2022-10-20 12:00:17
PYSEC-2022-42977
2022-10-20 00:15:00
CVE-2022-3327
2022-10-20 00:15:09
veracode
veracode
Insecure Session Management
2022-10-20 08:18:33
prion
prion
Authentication flaw
2022-10-20 00:15:00
huntr
huntr
No password confirmation on sensitive action like email change
2022-09-26 16:32:00
nvd
nvd
CVE-2022-3327
2022-10-20 00:15:09
cve
cve
CVE-2022-3327
2022-10-20 00:15:09
github
github
Rdiffweb is missing authentication for critical function
2022-10-20 12:00:17
CVSS3
4.5
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N
AI Score
9.8
Confidence
High
EPSS
0.002
Percentile
59.6%
Related for CVELIST:CVE-2022-3327