Lucene search
Veracode Vulnerability DatabaseVERACODE:35690HistoryMay 25, 2022 - 6:11 a.m.
Authentication Bypass
2022-05-2506:11:45
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
14
0.001 Low
EPSS
Percentile
19.4%
Opencast-ingest-service-impl is vulnerable to authentication bypass. The vulnerability exists in addContentToRepo function in IngestServiceImpl.java because opencast doesn’t properly restrict users when passing URLs which allows an attacker to gain access and bypass organizational barriers.
| CPE | Name | Operator | Version |
|---|---|---|---|
| opencast :: ingest-service-impl | le | 11.6 | |
| opencast :: ingest-service-impl | le | 11.6 |
Related
cve
cve
CVE-2022-29237
2022-05-24 15:15:08
github
github
Limited Authentication Bypass for Media Files
2022-05-25 20:16:36
nvd
nvd
CVE-2022-29237
2022-05-24 15:15:08
osv
osv
Limited Authentication Bypass for Media Files
2022-05-25 20:16:36
CVE-2022-29237
2022-05-24 15:15:08
openvas
openvas
Opencast < 10.14, 11.x < 11.7 Improper Authentication Vulnerability
2022-05-26 00:00:00
prion
prion
Double free
2022-05-24 15:15:00
cvelist
cvelist
CVE-2022-29237 Limited Authentication Bypass for Media Files in Opencast
2022-05-24 14:40:11