Lucene search
GoogleOSV:CVE-2022-3327HistoryOct 20, 2022 - 12:15 a.m.
CVE-2022-3327
2022-10-2000:15:09
Google
osv.dev
5
github
authentication
critical function
ikus060/rdiffweb
version 2.5.0a6
software
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
59.6%
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.
Related
osv
osv
Rdiffweb is missing authentication for critical function
2022-10-20 12:00:17
PYSEC-2022-42977
2022-10-20 00:15:00
veracode
veracode
Insecure Session Management
2022-10-20 08:18:33
nvd
nvd
CVE-2022-3327
2022-10-20 00:15:09
cve
cve
CVE-2022-3327
2022-10-20 00:15:09
prion
prion
Authentication flaw
2022-10-20 00:15:00
huntr
huntr
No password confirmation on sensitive action like email change
2022-09-26 16:32:00
cvelist
cvelist
github
github
Rdiffweb is missing authentication for critical function
2022-10-20 12:00:17
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
59.6%
Related for OSV:CVE-2022-3327