exploitDog

CVE-2022-44022

Опубликовано: 30 окт. 2022

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

PwnDoc through 0.5.3 might allow remote attackers to identify valid user account names by leveraging response timings for authentication attempts.

Ссылки

https://cve.nstsec.com/cve-2022-44022
https://github.com/pwndoc/pwndoc/issues/381
Exploit
Issue Tracking
Third Party Advisory
https://cve.nstsec.com/cve-2022-44022
https://github.com/pwndoc/pwndoc/issues/381
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pwndoc_project:pwndoc:*:*:*:*:*:*:*:*

Версия до 0.5.3 (включая)

EPSS

Процентиль: 38%

0.00165

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-307

Связанные уязвимости

GHSA-rxj6-c9ph-rrrh

CVSS3: 5.3

github

больше 3 лет назад

PwnDoc through 0.5.3 might allow remote attackers to identify valid user account names by leveraging response timings for authentication attempts.

EPSS

Процентиль: 38%

0.00165

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-307