PT-2022-22208 · Rdiffweb · Rdiffweb

Published: 2022-10-13 · Updated: 2022-10-14 · CVE-2022-3457

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: rdiffweb versions prior to 2.5.0a5

Description: The issue concerns a lack of origin validation in web traffic. This could potentially allow unauthorized access or actions. Users are advised to take action to mitigate this risk.

Recommendations: For versions prior to 2.5.0a5, upgrade to version 2.5.0a5 to resolve the issue.

Exploit

Fix

Weakness Enumeration

Origin Validation Error

Related Identifiers

CVE-2022-3457
GHSA-824X-JCXF-HPFG
PYSEC-2022-43161

Affected Products

Rdiffweb