exploitDog

CVE-2022-36182

Опубликовано: 27 окт. 2022

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Hashicorp Boundary v0.8.0 is vulnerable to Clickjacking which allow for the interception of login credentials, re-direction of users to malicious sites, or causing users to perform malicious actions on the site.

Ссылки

https://owasp.org/www-community/attacks/Clickjacking
Third Party Advisory
https://packetstormsecurity.com/files/168654/Hashicorp-Boundary-Clickjacking.html
Third Party Advisory
VDB Entry
https://owasp.org/www-community/attacks/Clickjacking
Third Party Advisory
https://packetstormsecurity.com/files/168654/Hashicorp-Boundary-Clickjacking.html
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hashicorp:boundary:*:*:*:*:*:*:*:*

Версия до 0.11.0 (исключая)

EPSS

Процентиль: 41%

0.00191

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-1021

CWE-1021

Связанные уязвимости

GHSA-xqv2-3vvq-qg6r

CVSS3: 6.1

github

больше 3 лет назад

Hashicorp Boundary vulnerable to clickjacking

EPSS

Процентиль: 41%

0.00191

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-1021

CWE-1021