20 matches found
EUVD-2022-42712
Malicious code in bioql PyPI...
CVE-2022-3321
It was possible to bypass Lock WARP switch feature https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch on the WARP iOS mobile client by enabling both "Disable for cellular networks" and "Disable for Wi-Fi networks" switches at once in t...
CVE-2022-3337
It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch feature being enabled on Zero Trust Platform. This led to...
CVE-2022-3337
It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch feature being enabled on Zero Trust Platform. This led to...
CVE-2022-3321
It was possible to bypass Lock WARP switch feature https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch on the WARP iOS mobile client by enabling both "Disable for cellular networks" and "Disable for Wi-Fi networks" switches at once in...
Design/Logic Flaw
Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint...
Information disclosure
It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch feature being enabled on Zero Trust Platform. This led to...
Design/Logic Flaw
Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action...
CVE-2022-3322
The CVE-2022-3322 issue concerns Cloudflare WARP on iOS where the Lock Warp switch can be bypassed due to insufficient policy verification in the WARP iOS client. A bypass via the"Disable WARP" quick action allows enrolled devices to disable the WARP client even when the Lock Warp feature is enab...
CVE-2022-3322 Lock WARP switch bypass on WARP mobile client using iOS quick action
Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action...
CVE-2022-3337 Lock WARP switch bypass by removing VPN profile on iOS mobile client
It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch feature being enabled on Zero Trust Platform. This led to...
CVE-2022-3337 Lock WARP switch bypass by removing VPN profile on iOS mobile client
It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch feature being enabled on Zero Trust Platform. This led to...
CVE-2022-3512 Lock WARP switch bypass using warp-cli 'add-trusted-ssid' command
Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint...
CVE-2022-3512
CVE-2022-3512 affects Cloudflare WARP by allowing a user to disconnect the WARP client and bypass the Lock WARP switch using the warp-cli add-trusted-ssid command, enabling Zero Trust policies not to be enforced on the endpoint. The available sources consistently describe the bypass vector and it...
Cloudflare WARP 安全漏洞
Cloudflare WARP Cloudflare Vpn is a client application for secure connectivity from the American company Cloudflare. Cloudflare WARP suffers from a security vulnerability that stems from the ability for a user to remove a VPN profile from the WARP mobile client on the iOS platform, despite the Lo...
PT-2022-21750 · Unknown · Warp Ios Client
Name of the Vulnerable Software and Affected Versions: WARP iOS client affected versions not specified Description: The Lock Warp switch feature in the Zero Trust platform can be bypassed due to insufficient policy verification by the WARP iOS client. This bypass can be achieved by using the...
PT-2022-22585 · Warp · Warp
Name of the Vulnerable Software and Affected Versions: WARP affected versions not specified Description: The issue allows a user to disconnect the WARP client and bypass the "Lock WARP switch" feature by using the warp-cli command "add-trusted-ssid". This results in Zero Trust policies not being...
CVE-2022-2225
By using warp-cli subcommands disable-ethernet, disable-wifi, it was possible for a user without admin privileges to bypass configured Zero Trust security policies e.g. Secure Web Gateway policies and features such as 'Lock WARP switch'...
CVE-2022-2225
By using warp-cli subcommands disable-ethernet, disable-wifi, it was possible for a user without admin privileges to bypass configured Zero Trust security policies e.g. Secure Web Gateway policies and features such as 'Lock WARP switch'...
Cloudflare WARP 安全漏洞
Cloudflare WARP Cloudflare Vpn is a client application for secure connections from the US company Cloudflare. A security vulnerability exists in Cloudflare WARP. An attacker can exploit this vulnerability to bypass configured zero-trust security policies e.g., Secure Web Gateway policy and featur...