Lucene search
ForgeRockCVE-2023-0339HistoryFeb 28, 2023 - 5:15 p.m.
CVE-2023-0339
2023-02-2817:15:10
CWE-23
CWE-22
ForgeRock
web.nvd.nist.gov
31
2
cve-2023-0339
path traversal
forgerock
access management
web policy agent
authentication bypass
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.3
Confidence
High
EPSS
0.001
Percentile
49.9%
Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass.Β This issue affects Access Management Web Policy Agent: all versions up to 5.10.1
Affected configurations
Node
forgerockweb_policy_agentsRangeβ€5.10.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| forgerock | web_policy_agents | * | cpe:2.3:a:forgerock:web_policy_agents:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Access Management Web Policy Agent",
"vendor": "ForgeRock",
"versions": [
{
"lessThanOrEqual": "5.10.1",
"status": "affected",
"version": "1.0.0",
"versionType": "semver"
}
]
}
]References
Social References
More
Related
nvd
nvd
CVE-2023-0339
2023-02-28 17:15:10
prion
prion
Path traversal
2023-02-28 17:15:00
cvelist
cvelist
CVE-2023-0339 AM Web Policy Agent path traversal
2023-02-28 16:21:03
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.3
Confidence
High
EPSS
0.001
Percentile
49.9%
Related for CVE-2023-0339