Lucene search
HistoryDec 28, 2022 - 2:15 p.m.
CVE-2022-4806
github
authorization bypass
cve-2022-4806
user-controlled key
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
30.4%
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
Affected configurations
Node
usememosmemosRange<0.9.1
Related
veracode
veracode
Insecure Direct Object References(IDOR)
2023-01-02 10:09:30
github
github
usememos/memos Improper Access Control vulnerability
2022-12-28 15:30:46
cve
cve
CVE-2022-4806
2022-12-28 14:15:11
cvelist
cvelist
osv
osv
usememos/memos Improper Access Control vulnerability
2022-12-28 15:30:46
CVE-2022-4806
2022-12-28 14:15:11
prion
prion
Authorization
2022-12-28 14:15:00
huntr
huntr
IDOR results in deletion of others public & private memos
2022-12-23 21:32:13
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
30.4%
Related for NVD:CVE-2022-4806