CVE-2022-45956

Опубликовано: 12 дек. 2022

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism.

Ссылки

https://packetstormsecurity.com/files/169962/Boa-Web-Server-0.94.13-0.94.14-Authentication-Bypass.html
Exploit
Third Party Advisory
VDB Entry
https://packetstormsecurity.com/files/169962/Boa-Web-Server-0.94.13-0.94.14-Authentication-Bypass.html
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:boa:boa:0.94.13:*:*:*:*:*:*:*

cpe:2.3:a:boa:boa:0.94.14:*:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00348

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-863

Связанные уязвимости

CVE-2022-45956

CVSS3: 5.3

ubuntu

около 3 лет назад

Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism.

CVE-2022-45956

CVSS3: 5.3

debian

около 3 лет назад

Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the c ...

GHSA-3g3q-575c-4343

CVSS3: 5.3

github

около 3 лет назад

Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism.

EPSS

Процентиль: 57%

0.00348

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-863