exploitDog

CVE-2022-34298

Опубликовано: 23 июн. 2022

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Средний

Описание

The NT auth module in OpenAM before 14.6.6 allows a "replace Samba username attack."

Ссылки

https://github.com/OpenIdentityPlatform/OpenAM/compare/14.6.5...14.6.6
Patch
Release Notes
Third Party Advisory
https://github.com/OpenIdentityPlatform/OpenAM/pull/514
Patch
Third Party Advisory
https://github.com/OpenIdentityPlatform/OpenAM/releases/tag/14.6.6
Patch
Release Notes
Third Party Advisory
https://github.com/OpenIdentityPlatform/OpenAM/compare/14.6.5...14.6.6
Patch
Release Notes
Third Party Advisory
https://github.com/OpenIdentityPlatform/OpenAM/pull/514
Patch
Third Party Advisory
https://github.com/OpenIdentityPlatform/OpenAM/releases/tag/14.6.6
Patch
Release Notes
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openidentityplatform:openam:*:*:*:*:*:*:*:*

Версия до 14.6.6 (исключая)

EPSS

Процентиль: 97%

0.4507

Средний

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-px3r-27qc-hx5g

CVSS3: 5.3

github

больше 3 лет назад

NT auth module vulnerability in OpenAM

EPSS

Процентиль: 97%

0.4507

Средний

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-Other