Lucene search
MitreCVE-2022-42983HistoryOct 17, 2022 - 7:15 a.m.
CVE-2022-42983
2022-10-1707:15:08
CWE-290
mitre
web.nvd.nist.gov
25
12
cve-2022-42983
anji-plus
aj-report
login bypass
jwt tokens
remote exploit
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.003
Percentile
68.5%
anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing JWT Tokens.
Affected configurations
Node
anji-plusaj-reportMatch0.9.8.6
Social References
More
Related
prion
prion
Authentication flaw
2022-10-17 07:15:00
cvelist
cvelist
CVE-2022-42983
2022-10-17 00:00:00
osv
osv
CVE-2022-42983
2022-10-17 07:15:08
nvd
nvd
CVE-2022-42983
2022-10-17 07:15:08
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.003
Percentile
68.5%
Related for CVE-2022-42983