Lucene search
Veracode Vulnerability DatabaseVERACODE:38242HistoryNov 24, 2022 - 1:42 p.m.
Improper Authorization
2022-11-2413:42:59
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
github
improper authorization
immudb
sdks server uuids
validation
0.001 Low
EPSS
Percentile
26.9%
github.com/codenotary/immudb is vulnerable to improper authorization. The library does not properly validate SDKs server UUIDs which allows a malicious server to change the reported UUID, tricking the client to treat it as a different server thus accepting a state completely irrelevant to the one previously retrieved from the server.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/codenotary/immudb | le | v1.4.0 | |
| github.com/codenotary/immudb | le | v1.4.0 |
Related
prion
prion
Design/Logic Flaw
2022-11-22 20:15:00
cve
cve
CVE-2022-39199
2022-11-22 20:15:11
cvelist
cvelist
CVE-2022-39199 Lack of proper validation in immudb
2022-11-22 00:00:00
github
github
veracode
veracode
Improper Access Control
2022-11-24 04:12:02
osv
osv
CVE-2022-39199
2022-11-22 20:15:11
Lack of proper validation of server UUID can be used by the server to trick the client to accept invalid proofs
2022-11-21 20:38:51
Improper validation of UUIDs in github.com/codenotary/immudb
2022-12-22 20:40:16
nvd
nvd
CVE-2022-39199
2022-11-22 20:15:11
cnvd
cnvd
immudb data forgery issue vulnerability
2022-11-24 00:00:00