Lucene search
HistoryDec 28, 2022 - 2:15 p.m.
CVE-2022-4811
authorization bypass
user-controlled key
vulnerability
usememos
memos
version 0.9.1
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
EPSS
0.001
Percentile
21.8%
Authorization Bypass Through User-Controlled Key vulnerability in usememos usememos/memos.This issue affects usememos/memos before 0.9.1.
Affected configurations
Node
usememosmemosRange<0.9.1
Related
osv
osv
CVE-2022-4811
2022-12-28 14:15:11
usememos/memos Improper Authorization vulnerability
2022-12-28 15:30:46
prion
prion
Authorization
2022-12-28 14:15:00
veracode
veracode
Improper Authorization
2023-01-02 14:06:19
cvelist
cvelist
huntr
huntr
Access all Private Memos by unauthorized user
2022-12-23 13:14:51
github
github
usememos/memos Improper Authorization vulnerability
2022-12-28 15:30:46
cve
cve
CVE-2022-4811
2022-12-28 14:15:11
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
EPSS
0.001
Percentile
21.8%
Related for NVD:CVE-2022-4811