Lucene search
PRIOn knowledge basePRION:CVE-2022-23206HistoryFeb 06, 2022 - 4:15 p.m.
Design/Logic Flaw
2022-02-0616:15:00
PRIOn knowledge base
www.prio-n.com
5
0.001 Low
EPSS
Percentile
36.2%
In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach.
| CPE | Name | Operator | Version |
|---|---|---|---|
| traffic_control | ge | 6.0.0 | |
| traffic_control | lt | 6.1.0 | |
| traffic_control | lt | 5.1.6 |
Related
gitlab
gitlab
Server-Side Request Forgery (SSRF)
2022-02-07 00:00:00
Server-Side Request Forgery (SSRF)
2022-02-06 00:00:00
cnvd
cnvd
Apache Traffic Control code issue vulnerability
2022-02-09 00:00:00
cvelist
cvelist
github
github
Server-Side Request Forgery in Apache Traffic Control
2022-02-07 00:00:23
osv
osv
Server-Side Request Forgery in Apache Traffic Control
2022-02-07 00:00:23
CVE-2022-23206
2022-02-06 16:15:07
nvd
nvd
CVE-2022-23206
2022-02-06 16:15:07
cve
cve
CVE-2022-23206
2022-02-06 16:15:07