Lucene search
GoogleOSV:CVE-2022-42983HistoryOct 17, 2022 - 7:15 a.m.
CVE-2022-42983
2022-10-1707:15:08
Google
osv.dev
5
anji-plus
aj-report
login bypass
authentication
jwt tokens
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.3
Confidence
Low
EPSS
0.003
Percentile
68.5%
anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing JWT Tokens.
Related
cve
cve
CVE-2022-42983
2022-10-17 07:15:08
prion
prion
Authentication flaw
2022-10-17 07:15:00
cvelist
cvelist
CVE-2022-42983
2022-10-17 00:00:00
nvd
nvd
CVE-2022-42983
2022-10-17 07:15:08
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
7.3
Confidence
Low
EPSS
0.003
Percentile
68.5%
Related for OSV:CVE-2022-42983