Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-46365
HistoryMay 01, 2023 - 3:15 p.m.

Code injection

2023-05-0115:15:00
PRIOn knowledge base
www.prio-n.com
3
code injection
apache streampark
user verification
account reset
upgrade advisory

9.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.7%

JSON

Apache StreamPark 1.0.0 before 2.0.0 When the user successfully logs in, to modify his profile, the username will be passed to the server-layer as a parameter, but not verified whether the user name is the currently logged user and whether the user is legal, This will allow malicious attackers to send any username to modify and reset the account, Users of the affected versions should upgrade to Apache StreamPark 2.0.0 or later.

CPENameOperatorVersion
streamparkge1.0.0
streamparklt2.0.0

Related

cve 1
github 1
nvd 1
osv 1
cvelist 1
cnvd 1
veracode 1
cve
cve
CVE-2022-46365
2023-05-01 15:15:09
github
github
Apache StreamPark Improper Input Validation vulnerability
2023-07-06 19:24:19
nvd
nvd
CVE-2022-46365
2023-05-01 15:15:09
osv
osv
Apache StreamPark Improper Input Validation vulnerability
2023-07-06 19:24:19
cvelist
cvelist
CVE-2022-46365 Apache StreamPark (incubating): Logic error causing any account reset
2023-05-01 14:53:50
cnvd
cnvd
Apache StreamPark Input Validation Error Vulnerability
2023-05-08 00:00:00
veracode
veracode
Improper Input Validation
2023-05-08 10:46:10

9.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.7%

JSON
Related for PRION:CVE-2022-46365
cve1github1nvd1osv1cvelist1cnvd1veracode1