Lucene search
HistoryOct 06, 2022 - 6:16 p.m.
CVE-2022-3273
github
repository
ikus060
rdiffweb
2.5.0a4
resource allocation
vulnerability
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
57.1%
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
Affected configurations
Node
ikus-softrdiffwebRange≤2.4.10
ORikus-softrdiffwebMatch2.5.0alpha1
ORikus-softrdiffwebMatch2.5.0alpha2
ORikus-softrdiffwebMatch2.5.0alpha3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ikus-soft | rdiffweb | * | cpe:2.3:a:ikus-soft:rdiffweb:*:*:*:*:*:*:*:* |
| ikus-soft | rdiffweb | 2.5.0 | cpe:2.3:a:ikus-soft:rdiffweb:2.5.0:alpha1:*:*:*:*:*:* |
| ikus-soft | rdiffweb | 2.5.0 | cpe:2.3:a:ikus-soft:rdiffweb:2.5.0:alpha2:*:*:*:*:*:* |
| ikus-soft | rdiffweb | 2.5.0 | cpe:2.3:a:ikus-soft:rdiffweb:2.5.0:alpha3:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2022-10-06 18:16:00
osv
osv
rdiffweb does not have a rate limit on incorrect password attempts to prevent brute force attacks
2022-10-06 18:52:04
CVE-2022-3273
2022-10-06 18:16:20
cvelist
cvelist
github
github
huntr
huntr
veracode
veracode
Information Disclosure
2022-10-07 11:20:33
cve
cve
CVE-2022-3273
2022-10-06 18:16:20
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
57.1%
Related for NVD:CVE-2022-3273