CVE-2022-40319

Jan 17, 2023 - 9:15 p.m. (2023-01-17 21:15:13)
CWE-639
mitre
web.nvd.nist.gov

CVSS3: 7.5

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score: 7.4
Confidence: High

EPSS: 0.007
Percentile: 80.5%

The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References (IDOR) attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim’s LISTSERV account.

Affected configurations

Nvd
Node: lsoft listserv, Match 17.0

Vendor   Product    Version   CPE
lsoft    listserv   17.0      cpe:2.3:a:lsoft:listserv:17.0:*:*:*:*:*:*:*
