Lucene search
HistoryOct 27, 2022 - 5:15 p.m.
CVE-2022-24669
details exposure
crafted attack
internal network services
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
0.001
Percentile
28.8%
It may be possible to gain some details of the deployment through a well-crafted attack. This may allow that data to be used to probe internal network services.
Affected configurations
Node
forgerockaccess_managementRange6.0.0–6.0.0.7
ORforgerockaccess_managementRange6.5.0–6.5.0.2
ORforgerockaccess_managementRange6.5.2.1–6.5.2.3
ORforgerockaccess_managementRange7.0.0–7.0.2
ORforgerockaccess_managementMatch6.5.1
ORforgerockaccess_managementMatch6.5.3
ORforgerockaccess_managementMatch6.5.4
ORforgerockaccess_managementMatch7.1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| forgerock | access_management | * | cpe:2.3:a:forgerock:access_management:*:*:*:*:*:*:*:* |
| forgerock | access_management | 6.5.1 | cpe:2.3:a:forgerock:access_management:6.5.1:*:*:*:*:*:*:* |
| forgerock | access_management | 6.5.3 | cpe:2.3:a:forgerock:access_management:6.5.3:*:*:*:*:*:*:* |
| forgerock | access_management | 6.5.4 | cpe:2.3:a:forgerock:access_management:6.5.4:*:*:*:*:*:*:* |
| forgerock | access_management | 7.1.0 | cpe:2.3:a:forgerock:access_management:7.1.0:*:*:*:*:*:*:* |
Related
prion
prion
Code injection
2022-10-27 17:15:00
cve
cve
CVE-2022-24669
2022-10-27 17:15:09
cvelist
cvelist
nessus
nessus
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
0.001
Percentile
28.8%
Related for NVD:CVE-2022-24669