CVE-2022-4630
MEDIUM
5,3
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: high
Integrity: none
Availability: none
Description
AI Translation Available
Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0010
Percentile
0,3th
Updated
EPSS Score Trend (Last 91 Days)
732
Incorrect Permission Assignment for Critical Resource
DraftCommon Consequences
Security Scopes Affected:
Confidentiality
Access Control
Integrity
Other
Potential Impacts:
Read Application Data
Read Files Or Directories
Gain Privileges Or Assume Identity
Modify Application Data
Other
Applicable Platforms
Technologies:
Cloud Computing, Not Technology-Specific
1004
Sensitive Cookie Without 'HttpOnly' Flag
IncompleteCommon Consequences
Security Scopes Affected:
Confidentiality
Integrity
Potential Impacts:
Read Application Data
Gain Privileges Or Assume Identity
Applicable Platforms
Technologies:
Web Based, Web Server
Application
Daloradius by Daloradius
CPE Identifier
View Detailed Analysis
cpe:2.3:a:daloradius:daloradius:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://github.com/lirantal/daloradius/commit/6878619dc661b3009429777a1aeeb383d…
https://huntr.dev/bounties/401661ee-40e6-4ee3-a925-3716b96ece5c
https://github.com/lirantal/daloradius/commit/6878619dc661b3009429777a1aeeb383d…
https://huntr.dev/bounties/401661ee-40e6-4ee3-a925-3716b96ece5c