Lucene search
GitHub Advisory DatabaseGHSA-4VRC-Q7M6-VQ7WHistoryNov 10, 2022 - 12:01 p.m.
Lin CMS vulnerable to Improper Authentication
2022-11-1012:01:09
CWE-287
GitHub Advisory Database
github.com
10
lin-cms
v0.2.1
authentication bypass
vulnerability
privilege escalation
super administrator
CVSS3
6.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
41.1%
An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator.
Affected configurations
Node
io.github.talelinlin-cms-coreRange≤0.2.1
ORlin-cms_projectlin-cmsRange≤0.2.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| io.github.talelin | lin-cms-core | * | cpe:2.3:a:io.github.talelin:lin-cms-core:*:*:*:*:*:*:*:* |
| lin-cms_project | lin-cms | * | cpe:2.3:a:lin-cms_project:lin-cms:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2022-44244
2022-11-09 00:00:00
osv
osv
Lin CMS vulnerable to Improper Authentication
2022-11-10 12:01:09
nvd
nvd
CVE-2022-44244
2022-11-09 22:15:25
cve
cve
CVE-2022-44244
2022-11-09 22:15:25
prion
prion
Authentication flaw
2022-11-09 22:15:00
CVSS3
6.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
41.1%
Related for GHSA-4VRC-Q7M6-VQ7W