Lucene search
Tribe29CVELIST:CVE-2022-48317HistoryFeb 20, 2023 - 4:55 p.m.
CVE-2022-48317 Insecure Termination of RestAPI Session Tokens
2023-02-2016:55:28
CWE-613
Tribe29
www.cve.org
2
cve-2022-48317
expired sessions
restapi security
CVSS3
5.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
9.7
Confidence
High
EPSS
0.002
Percentile
58.6%
Expired sessions were not securely terminated in the RestAPI for Tribe29’s Checkmk <= 2.1.0p10 and Checkmk <= 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Checkmk",
"vendor": "Tribe29",
"versions": [
{
"lessThanOrEqual": "2.0.0p28",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "2.1.0p10",
"status": "affected",
"version": "2.1.0",
"versionType": "semver"
}
]
}
]References
Related
openvas
openvas
cve
cve
CVE-2022-48317
2023-02-20 17:15:12
ubuntucve
ubuntucve
CVE-2022-48317
2023-02-20 00:00:00
nvd
nvd
CVE-2022-48317
2023-02-20 17:15:12
prion
prion
Design/Logic Flaw
2023-02-20 17:15:00
osv
osv
CVE-2022-48317
2023-02-20 17:15:12
CVSS3
5.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
AI Score
9.7
Confidence
High
EPSS
0.002
Percentile
58.6%
Related for CVELIST:CVE-2022-48317