vulnrichment | Mitre | VULNRICHMENT:CVE-2022-45177
History: Feb 21, 2024 - 12:00 a.m.

CVE-2022-45177

2024-02-21 00:00:00
mitre
github.com
1
observable response discrepancy
livebox collaboration vdesk
v031
unauthorized actor
internal state information

AI Score: 6.6
Confidence: Low

EPSS: 0.001
Percentile: 28.7%

SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial

An issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response Discrepancy can occur under the /api/v1/vdeskintegration/user/isenableuser endpoint, the /api/v1/sharedsearch?search={NAME}+{SURNAME} endpoint, and the /login endpoint. The web application provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:liveboxcloud:vdesk:-:*:*:*:*:*:*:*"
    ],
    "vendor": "liveboxcloud",
    "product": "vdesk",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "v031"
      }
    ],
    "defaultStatus": "unknown"
  }
]
