Lucene search
HistoryJan 17, 2023 - 9:15 p.m.
CVE-2022-40319
listserv
17
web interface
unauthorized modification
email address
idor
wa.exe url
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
7.4
Confidence
High
EPSS
0.007
Percentile
80.5%
The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References (IDOR) attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim’s LISTSERV account.
Affected configurations
Node
lsoftlistservMatch17.0
Related
prion
prion
Design/Logic Flaw
2023-01-17 21:15:00
zdt
zdt
LISTSERV 17 Insecure Direct Object Reference Vulnerability
2023-01-18 00:00:00
LISTSERV 17 - Insecure Direct Object Reference (IDOR) Vulnerability
2023-03-30 00:00:00
packetstorm
packetstorm
LISTSERV 17 Insecure Direct Object Reference
2023-01-17 00:00:00
exploitdb
exploitdb
LISTSERV 17 - Insecure Direct Object Reference (IDOR)
2023-03-30 00:00:00
cvelist
cvelist
CVE-2022-40319
2023-01-17 00:00:00
cve
cve
CVE-2022-40319
2023-01-17 21:15:13
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
7.4
Confidence
High
EPSS
0.007
Percentile
80.5%
Related for NVD:CVE-2022-40319