Lucene search
GoogleOSV:CVE-2022-2822HistoryAug 15, 2022 - 11:21 a.m.
CVE-2022-2822
2022-08-1511:21:32
Google
osv.dev
4
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
51.1%
An attacker can freely brute force username and password and can takeover any account. An attacker could easily guess user passwords and gain access to user and administrative accounts.
Related
prion
prion
Default credentials
2022-08-15 11:21:00
huntr
huntr
No rate limit on main Login page lead to account takeover
2022-08-12 20:03:31
veracode
veracode
Privilege Escalation
2022-08-16 05:38:36
nvd
nvd
CVE-2022-2822
2022-08-15 11:21:32
github
github
OctoPrint does not have rate limiting on the login page
2022-08-16 00:00:31
cve
cve
CVE-2022-2822
2022-08-15 11:21:32
cvelist
cvelist
osv
osv
OctoPrint does not have rate limiting on the login page
2022-08-16 00:00:31
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
51.1%
Related for OSV:CVE-2022-2822