16 matches found
EUVD-2022-34505
Malicious code in bioql PyPI...
CVE-2022-2225
By using warp-cli subcommands disable-ethernet, disable-wifi, it was possible for a user without admin privileges to bypass configured Zero Trust security policies e.g. Secure Web Gateway policies and features such as 'Lock WARP switch'...
CVE-2022-3320
It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to disconnect and allowed bypassing administrative restrictions on a Zero Trust enrolled...
Design/Logic Flaw
Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint...
CVE-2022-3320 Bypassing Cloudflare Zero Trust policies using warp-cli set-custom-endpoint command
It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to disconnect and allowed bypassing administrative restrictions on a Zero Trust enrolled...
CVE-2022-3320
It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to disconnect and allowed bypassing administrative restrictions on a Zero Trust enrolled...
CVE-2022-3320 Bypassing Cloudflare Zero Trust policies using warp-cli set-custom-endpoint command
It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to disconnect and allowed bypassing administrative restrictions on a Zero Trust enrolled...
CVE-2022-3320
Summary: CVE-2022-3320 affects Cloudflare WARP/Zero Trust deployments where the warp-cli set-custom-endpoint subcommand can be used with an unreachable endpoint, causing the WARP Client to disconnect and bypass administrative restrictions on a Zero Trust enrolled endpoint. Multiple connected sour...
CVE-2022-3512 Lock WARP switch bypass using warp-cli 'add-trusted-ssid' command
Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint...
CVE-2022-3512 Lock WARP switch bypass using warp-cli 'add-trusted-ssid' command
Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint...
CVE-2022-3512
CVE-2022-3512 affects Cloudflare WARP by allowing a user to disconnect the WARP client and bypass the Lock WARP switch using the warp-cli add-trusted-ssid command, enabling Zero Trust policies not to be enforced on the endpoint. The available sources consistently describe the bypass vector and it...
CVE-2022-3512
Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint...
CVE-2022-2225
By using warp-cli subcommands disable-ethernet, disable-wifi, it was possible for a user without admin privileges to bypass configured Zero Trust security policies e.g. Secure Web Gateway policies and features such as 'Lock WARP switch'...
Design/Logic Flaw
By using warp-cli subcommands disable-ethernet, disable-wifi, it was possible for a user without admin privileges to bypass configured Zero Trust security policies e.g. Secure Web Gateway policies and features such as 'Lock WARP switch'...
CVE-2022-2225
CVE-2022-2225 affects Cloudflare WARP client. A local attacker can bypass Zero Trust security policies and features like “Lock WARP switch” by using warp-cli subcommands (disable-ethernet, disable-wifi) without admin privileges. Reported impacts include bypass of Secure Web Gateway policies; expl...
CVE-2022-2225
By using warp-cli subcommands disable-ethernet, disable-wifi, it was possible for a user without admin privileges to bypass configured Zero Trust security policies e.g. Secure Web Gateway policies and features such as 'Lock WARP switch'...