CVE-2022-0178

Опубликовано: 13 янв. 2022

Источник: nvd

CVSS3: 6.3

CVSS3: 5.4

CVSS2: 5.5

EPSS Низкий

Описание

Missing Authorization vulnerability in snipe snipe/snipe-it.This issue affects snipe/snipe-i before 5.3.8.

Ссылки

https://github.com/snipe/snipe-it/commit/0e5ef53c352754de2778ffa20c85da15fd6f7ae0
Patch
Third Party Advisory
https://huntr.dev/bounties/81c6b974-d0b3-410b-a902-8324a55b1368
Exploit
Issue Tracking
Patch
Third Party Advisory
https://github.com/snipe/snipe-it/commit/0e5ef53c352754de2778ffa20c85da15fd6f7ae0
Patch
Third Party Advisory
https://huntr.dev/bounties/81c6b974-d0b3-410b-a902-8324a55b1368
Exploit
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:snipeitapp:snipe-it:*:*:*:*:*:*:*:*

Версия до 5.3.8 (исключая)

EPSS

Процентиль: 44%

0.00213

Низкий

6.3 Medium

CVSS3

5.4 Medium

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-862

Связанные уязвимости

CVE-2022-0178

CVSS3: 6.3

debian

около 4 лет назад

Missing Authorization vulnerability in snipe snipe/snipe-it.This issue ...

GHSA-xc47-3rch-cv57

CVSS3: 5.4

github

около 4 лет назад

Improper Access Control in snipe-it

EPSS

Процентиль: 44%

0.00213

Низкий

6.3 Medium

CVSS3

5.4 Medium

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-862