CWE-862
Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
CVE-2022-2382 (GCVE-0-2022-2382)
Vulnerability from cvelistv5 – Published: 2022-08-22 15:02 – Updated: 2024-08-03 00:39
VLAI
Title
Product Slider for WooCommerce < 2.5.7 - Subscriber+ Arbitrary Options Deletion
Summary
The Product Slider for WooCommerce WordPress plugin before 2.5.7 has flawed CSRF checks and lack authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber to call them. One in particular could allow them to delete arbitrary blog options.
Severity
No CVSS data available.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/777d4637-444b-4e… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Product Slider for WooCommerce |
Affected:
2.5.7 , < 2.5.7
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:39:06.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/777d4637-444b-4eda-bc21-95d3a3bf6cd3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Product Slider for WooCommerce",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.5.7",
"status": "affected",
"version": "2.5.7",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Krzysztof Zaj\u0105c"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Product Slider for WooCommerce WordPress plugin before 2.5.7 has flawed CSRF checks and lack authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber to call them. One in particular could allow them to delete arbitrary blog options."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-22T15:02:20.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/777d4637-444b-4eda-bc21-95d3a3bf6cd3"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Product Slider for WooCommerce \u003c 2.5.7 - Subscriber+ Arbitrary Options Deletion",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-2382",
"STATE": "PUBLIC",
"TITLE": "Product Slider for WooCommerce \u003c 2.5.7 - Subscriber+ Arbitrary Options Deletion"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Product Slider for WooCommerce",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.5.7",
"version_value": "2.5.7"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Krzysztof Zaj\u0105c"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Product Slider for WooCommerce WordPress plugin before 2.5.7 has flawed CSRF checks and lack authorisation in some of its AJAX actions, allowing any authenticated users, such as subscriber to call them. One in particular could allow them to delete arbitrary blog options."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/777d4637-444b-4eda-bc21-95d3a3bf6cd3",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/777d4637-444b-4eda-bc21-95d3a3bf6cd3"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-2382",
"datePublished": "2022-08-22T15:02:20.000Z",
"dateReserved": "2022-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:39:06.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2389 (GCVE-0-2022-2389)
Vulnerability from cvelistv5 – Published: 2022-08-22 15:02 – Updated: 2024-08-03 00:39
VLAI
Title
Automations By Autonami < 2.1.2 - Subscriber+ Automation Creation
Summary
The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to create automations
Severity
No CVSS data available.
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/e70f00b7-6251-47… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By Autonami |
Affected:
2.1.2 , < 2.1.2
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:39:07.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/e70f00b7-6251-476e-9297-60af509e6ad9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder \u0026 Marketing Automation By Autonami",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.1.2",
"status": "affected",
"version": "2.1.2",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Krzysztof Zaj\u0105c"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder \u0026 Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to create automations"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-22T15:02:49.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/e70f00b7-6251-476e-9297-60af509e6ad9"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Automations By Autonami \u003c 2.1.2 - Subscriber+ Automation Creation",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-2389",
"STATE": "PUBLIC",
"TITLE": "Automations By Autonami \u003c 2.1.2 - Subscriber+ Automation Creation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder \u0026 Marketing Automation By Autonami",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.1.2",
"version_value": "2.1.2"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Krzysztof Zaj\u0105c"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder \u0026 Marketing Automation By Autonami WordPress plugin before 2.1.2 does not have authorisation and CSRF checks in one of its AJAX action, allowing any authenticated users, such as subscriber to create automations"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/e70f00b7-6251-476e-9297-60af509e6ad9",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/e70f00b7-6251-476e-9297-60af509e6ad9"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-2389",
"datePublished": "2022-08-22T15:02:49.000Z",
"dateReserved": "2022-07-12T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:39:07.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23944 (GCVE-0-2022-23944)
Vulnerability from cvelistv5 – Published: 2022-01-25 13:00 – Updated: 2024-08-03 03:59
VLAI
Title
Apache ShenYu 2.4.1 Improper access control
Summary
User can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.
Severity
No CVSS data available.
CWE
- CWE-862 - Missing Authorization
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/dbrjnnlrf80dr0f92… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2022/01/25/5 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2022/0… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2022/01/26/2 | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache ShenYu (incubating) |
Affected:
Apache ShenYu (incubating) , < 2.4.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:59:23.263Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/dbrjnnlrf80dr0f92k5r2ysfvf1kr67y"
},
{
"name": "[oss-security] 20220125 CVE-2022-23944: Apache ShenYu 2.4.1 Improper access control",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/01/25/5"
},
{
"name": "[oss-security] 20220125 Re: CVE-2022-23944: Apache ShenYu 2.4.1 Improper access control",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/01/25/15"
},
{
"name": "[oss-security] 20220126 CVE-2022-23944: Apache ShenYu (incubating) Improper access control",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/01/26/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache ShenYu (incubating)",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "2.4.2",
"status": "affected",
"version": "Apache ShenYu (incubating)",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "User can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-26T12:06:15.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/dbrjnnlrf80dr0f92k5r2ysfvf1kr67y"
},
{
"name": "[oss-security] 20220125 CVE-2022-23944: Apache ShenYu 2.4.1 Improper access control",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/01/25/5"
},
{
"name": "[oss-security] 20220125 Re: CVE-2022-23944: Apache ShenYu 2.4.1 Improper access control",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/01/25/15"
},
{
"name": "[oss-security] 20220126 CVE-2022-23944: Apache ShenYu (incubating) Improper access control",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/01/26/2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache ShenYu 2.4.1 Improper access control",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-23944",
"STATE": "PUBLIC",
"TITLE": "Apache ShenYu 2.4.1 Improper access control"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache ShenYu (incubating)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Apache ShenYu (incubating)",
"version_value": "2.4.2"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "User can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread/dbrjnnlrf80dr0f92k5r2ysfvf1kr67y",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/dbrjnnlrf80dr0f92k5r2ysfvf1kr67y"
},
{
"name": "[oss-security] 20220125 CVE-2022-23944: Apache ShenYu 2.4.1 Improper access control",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/01/25/5"
},
{
"name": "[oss-security] 20220125 Re: CVE-2022-23944: Apache ShenYu 2.4.1 Improper access control",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/01/25/15"
},
{
"name": "[oss-security] 20220126 CVE-2022-23944: Apache ShenYu (incubating) Improper access control",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/01/26/2"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-23944",
"datePublished": "2022-01-25T13:00:24.000Z",
"dateReserved": "2022-01-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T03:59:23.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-23945 (GCVE-0-2022-23945)
Vulnerability from cvelistv5 – Published: 2022-01-25 13:00 – Updated: 2024-08-03 03:59
VLAI
Title
Apache ShenYu missing authentication allows gateway registration
Summary
Missing authentication on ShenYu Admin when register by HTTP. This issue affected Apache ShenYu 2.4.0 and 2.4.1.
Severity
No CVSS data available.
CWE
- CWE-862 - Missing Authorization
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/q2gg6ny6lpkph7nkr… | x_refsource_MISC |
| http://www.openwall.com/lists/oss-security/2022/01/25/6 | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2022/01/26/3 | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache ShenYu (incubating) |
Affected:
Apache ShenYu (incubating) , < 2.4.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:59:23.281Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://lists.apache.org/thread/q2gg6ny6lpkph7nkrvjzqdvqpm805v8s"
},
{
"name": "[oss-security] 20220125 CVE-2022-23945: Apache ShenYu missing authentication allows gateway registration",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/01/25/6"
},
{
"name": "[oss-security] 20220126 CVE-2022-23945: Apache ShenYu (incubating) missing authentication allows gateway registration",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2022/01/26/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache ShenYu (incubating)",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "2.4.2",
"status": "affected",
"version": "Apache ShenYu (incubating)",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Missing authentication on ShenYu Admin when register by HTTP. This issue affected Apache ShenYu 2.4.0 and 2.4.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-26T12:06:13.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://lists.apache.org/thread/q2gg6ny6lpkph7nkrvjzqdvqpm805v8s"
},
{
"name": "[oss-security] 20220125 CVE-2022-23945: Apache ShenYu missing authentication allows gateway registration",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/01/25/6"
},
{
"name": "[oss-security] 20220126 CVE-2022-23945: Apache ShenYu (incubating) missing authentication allows gateway registration",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2022/01/26/3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache ShenYu missing authentication allows gateway registration",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2022-23945",
"STATE": "PUBLIC",
"TITLE": "Apache ShenYu missing authentication allows gateway registration"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache ShenYu (incubating)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Apache ShenYu (incubating)",
"version_value": "2.4.2"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Missing authentication on ShenYu Admin when register by HTTP. This issue affected Apache ShenYu 2.4.0 and 2.4.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": [
{}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://lists.apache.org/thread/q2gg6ny6lpkph7nkrvjzqdvqpm805v8s",
"refsource": "MISC",
"url": "https://lists.apache.org/thread/q2gg6ny6lpkph7nkrvjzqdvqpm805v8s"
},
{
"name": "[oss-security] 20220125 CVE-2022-23945: Apache ShenYu missing authentication allows gateway registration",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/01/25/6"
},
{
"name": "[oss-security] 20220126 CVE-2022-23945: Apache ShenYu (incubating) missing authentication allows gateway registration",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2022/01/26/3"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2022-23945",
"datePublished": "2022-01-25T13:00:25.000Z",
"dateReserved": "2022-01-25T00:00:00.000Z",
"dateUpdated": "2024-08-03T03:59:23.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2405 (GCVE-0-2022-2405)
Vulnerability from cvelistv5 – Published: 2022-09-26 12:35 – Updated: 2025-05-21 19:19
VLAI
Title
WP Popup Builder < 1.3.0 - Subscriber+ Arbitrary Popup Deletion
Summary
The WP Popup Builder WordPress plugin before 1.2.9 does not have authorisation and CSRF check in an AJAX action, allowing any authenticated users, such as subscribers to delete arbitrary Popup
Severity
4.3 (Medium)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/50037028-2790-47… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | WP Popup Builder – Popup Forms , Marketing PoPuP & Newsletter |
Affected:
1.2.9 , < 1.2.9
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:39:07.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/50037028-2790-47ee-aae1-faf0724eb917"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-2405",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-21T19:19:01.204882Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T19:19:27.568Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "WP Popup Builder \u2013 Popup Forms , Marketing PoPuP \u0026 Newsletter",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.2.9",
"status": "affected",
"version": "1.2.9",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Krzysztof Zaj\u0105c"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WP Popup Builder WordPress plugin before 1.2.9 does not have authorisation and CSRF check in an AJAX action, allowing any authenticated users, such as subscribers to delete arbitrary Popup"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-03T13:45:21.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/50037028-2790-47ee-aae1-faf0724eb917"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WP Popup Builder \u003c 1.3.0 - Subscriber+ Arbitrary Popup Deletion",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2022-2405",
"STATE": "PUBLIC",
"TITLE": "WP Popup Builder \u003c 1.3.0 - Subscriber+ Arbitrary Popup Deletion"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WP Popup Builder \u2013 Popup Forms , Marketing PoPuP \u0026 Newsletter",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.2.9",
"version_value": "1.2.9"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Krzysztof Zaj\u0105c"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WP Popup Builder WordPress plugin before 1.2.9 does not have authorisation and CSRF check in an AJAX action, allowing any authenticated users, such as subscribers to delete arbitrary Popup"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/50037028-2790-47ee-aae1-faf0724eb917",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/50037028-2790-47ee-aae1-faf0724eb917"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-2405",
"datePublished": "2022-09-26T12:35:34.000Z",
"dateReserved": "2022-07-14T00:00:00.000Z",
"dateUpdated": "2025-05-21T19:19:27.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24317 (GCVE-0-2022-24317)
Vulnerability from cvelistv5 – Published: 2022-02-09 22:05 – Updated: 2024-08-03 04:07
VLAI
Summary
A CWE-862: Missing Authorization vulnerability exists that could cause information exposure when an attacker sends a specific message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
Severity
No CVSS data available.
CWE
- CWE-862 - Missing Authorization
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://download.schneider-electric.com/files?p_D… | x_refsource_MISC |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior) |
Affected:
Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:07:02.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-324/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A CWE-862: Missing Authorization vulnerability exists that could cause information exposure when an attacker sends a specific message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-12T02:06:30.000Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-324/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2022-24317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)",
"version": {
"version_data": [
{
"version_value": "Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A CWE-862: Missing Authorization vulnerability exists that could cause information exposure when an attacker sends a specific message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01",
"refsource": "MISC",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-039-01"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-22-324/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-324/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2022-24317",
"datePublished": "2022-02-09T22:05:03.000Z",
"dateReserved": "2022-02-02T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:07:02.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2450 (GCVE-0-2022-2450)
Vulnerability from cvelistv5 – Published: 2022-11-14 00:00 – Updated: 2025-04-30 19:39
VLAI
Title
reSmush.it Image Optimizer < 0.4.4 - Subscriber+ AJAX Calls
Summary
The reSmush.it : the only free Image Optimizer & compress plugin WordPress plugin before 0.4.4 lacks authorization in various AJAX actions, allowing any logged-in users, such as subscribers to call them.
Severity
4.3 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | reSmush.it : the only free Image Optimizer & compress plugin |
Affected:
0.4.4 , < 0.4.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:39:07.624Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/1b3ff124-f973-4584-a7d7-26cc404bfe2b"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-2450",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-30T19:39:05.535266Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-30T19:39:40.873Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "reSmush.it : the only free Image Optimizer \u0026 compress plugin",
"vendor": "Unknown",
"versions": [
{
"lessThan": "0.4.4",
"status": "affected",
"version": "0.4.4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Raad Haddad of Cloudyrion GmbH"
}
],
"descriptions": [
{
"lang": "en",
"value": "The reSmush.it : the only free Image Optimizer \u0026 compress plugin WordPress plugin before 0.4.4 lacks authorization in various AJAX actions, allowing any logged-in users, such as subscribers to call them."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T00:00:00.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"url": "https://wpscan.com/vulnerability/1b3ff124-f973-4584-a7d7-26cc404bfe2b"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "reSmush.it Image Optimizer \u003c 0.4.4 - Subscriber+ AJAX Calls",
"x_generator": "WPScan CVE Generator"
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-2450",
"datePublished": "2022-11-14T00:00:00.000Z",
"dateReserved": "2022-07-17T00:00:00.000Z",
"dateUpdated": "2025-04-30T19:39:40.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2461 (GCVE-0-2022-2461)
Vulnerability from cvelistv5 – Published: 2022-09-06 17:18 – Updated: 2026-04-08 16:41
VLAI
Title
Transposh WordPress Translation <= 1.0.9.6 - Unauthorized Settings Change
Summary
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient permissions checking on the 'tp_translation' AJAX action and default settings which makes it possible for unauthenticated attackers to influence the data shown on the site.
Severity
5.3 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
6 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| oferwald | Transposh WordPress Translation |
Affected:
0 , ≤ 1.0.9.6
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:39:07.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/223373fc-9d78-47f0-b283-109f8e00b802?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2461"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.rcesecurity.com/2022/07/WordPress-Transposh-Exploiting-a-Blind-SQL-Injection-via-XSS/"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/transposh-translation-filter-for-wordpress/trunk/transposh.php?rev=2682425#L1989"
},
{
"tags": [
"x_transferred"
],
"url": "https://packetstormsecurity.com/files/167870/wptransposh107-auth.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.exploitalert.com/view-details.html?id=38891"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-2461",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:17:43.818829Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:18:40.559Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Transposh WordPress Translation",
"vendor": "oferwald",
"versions": [
{
"lessThanOrEqual": "1.0.9.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Julien Ahrens"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient permissions checking on the \u0027tp_translation\u0027 AJAX action and default settings which makes it possible for unauthenticated attackers to influence the data shown on the site."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:41:36.744Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/223373fc-9d78-47f0-b283-109f8e00b802?source=cve"
},
{
"url": "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2461"
},
{
"url": "https://www.rcesecurity.com/2022/07/WordPress-Transposh-Exploiting-a-Blind-SQL-Injection-via-XSS/"
},
{
"url": "https://plugins.trac.wordpress.org/browser/transposh-translation-filter-for-wordpress/trunk/transposh.php?rev=2682425#L1989"
},
{
"url": "https://packetstormsecurity.com/files/167870/wptransposh107-auth.txt"
},
{
"url": "https://www.exploitalert.com/view-details.html?id=38891"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-07-18T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Transposh WordPress Translation \u003c= 1.0.9.6 - Unauthorized Settings Change"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2022-2461",
"datePublished": "2022-09-06T17:18:58.000Z",
"dateReserved": "2022-07-18T00:00:00.000Z",
"dateUpdated": "2026-04-08T16:41:36.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-24669 (GCVE-0-2022-24669)
Vulnerability from cvelistv5 – Published: 2022-10-27 16:53 – Updated: 2025-05-06 18:33
VLAI
Title
Anonymous users can register / de-register for configuration change notifications
Summary
It may be possible to gain some details of the deployment through a well-crafted attack. This may allow that data to be used to probe internal network services.
Severity
6.5 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| ForgeRock | Access Management |
Affected:
unspecified , < 6.5.5
(custom)
Affected: unspecified , < 7.1.2 (custom) Affected: unspecified , < 7.2.0 (custom) |
Date Public
2022-10-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:20:49.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://backstage.forgerock.com/knowledge/kb/article/a90639318"
},
{
"tags": [
"x_transferred"
],
"url": "https://backstage.forgerock.com/downloads/browse/am/featured"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-24669",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-06T18:33:01.889737Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-06T18:33:31.107Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Access Management",
"vendor": "ForgeRock",
"versions": [
{
"lessThan": "6.5.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "7.1.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "7.2.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-10-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "It may be possible to gain some details of the deployment through a well-crafted attack. This may allow that data to be used to probe internal network services."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T17:03:57.090Z",
"orgId": "6b18ae97-0aab-4af2-9ba4-74b2b139ddfa",
"shortName": "ForgeRock"
},
"references": [
{
"url": "https://backstage.forgerock.com/knowledge/kb/article/a90639318"
},
{
"url": "https://backstage.forgerock.com/downloads/browse/am/featured"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to the latest versions."
}
],
"source": {
"advisory": "202204",
"defect": [
"https://bugster.forgerock.org/jira/browse/OPENAM-18367",
"(not",
"public)"
],
"discovery": "EXTERNAL"
},
"title": "Anonymous users can register / de-register for configuration change notifications",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "6b18ae97-0aab-4af2-9ba4-74b2b139ddfa",
"assignerShortName": "ForgeRock",
"cveId": "CVE-2022-24669",
"datePublished": "2022-10-27T16:53:56.378Z",
"dateReserved": "2022-02-08T00:00:00.000Z",
"dateUpdated": "2025-05-06T18:33:31.107Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-24896 (GCVE-0-2022-24896)
Vulnerability from cvelistv5 – Published: 2022-06-06 19:30 – Updated: 2025-04-23 18:19
VLAI
Title
Tracker report renderer and chart widgets leak information in Tuleap
Summary
Tuleap is a Free & Open Source Suite to manage software developments and collaboration. In versions prior to 13.7.99.239 Tuleap does not properly verify authorizations when displaying the content of tracker report renderer and chart widgets. Malicious users could use this vulnerability to retrieve the name of a tracker they cannot access as well as the name of the fields used in reports.
Severity
4.3 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/Enalean/tuleap/security/adviso… | x_refsource_CONFIRM |
| https://github.com/Enalean/tuleap/commit/8e99e7c8… | x_refsource_MISC |
| https://tuleap.net/plugins/git/tuleap/tuleap/stab… | x_refsource_MISC |
| https://tuleap.net/plugins/tracker/?aid=26729 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:29:00.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-x962-x43g-qw39"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/Enalean/tuleap/commit/8e99e7c82d9fe569799019b9e1d614d38a184313"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit\u0026h=8e99e7c82d9fe569799019b9e1d614d38a184313"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tuleap.net/plugins/tracker/?aid=26729"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-24896",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:06:05.852732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:19:16.848Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "tuleap",
"vendor": "Enalean",
"versions": [
{
"status": "affected",
"version": "\u003c 13.7.99.239"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Tuleap is a Free \u0026 Open Source Suite to manage software developments and collaboration. In versions prior to 13.7.99.239 Tuleap does not properly verify authorizations when displaying the content of tracker report renderer and chart widgets. Malicious users could use this vulnerability to retrieve the name of a tracker they cannot access as well as the name of the fields used in reports."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862: Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-06T19:30:15.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-x962-x43g-qw39"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Enalean/tuleap/commit/8e99e7c82d9fe569799019b9e1d614d38a184313"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit\u0026h=8e99e7c82d9fe569799019b9e1d614d38a184313"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tuleap.net/plugins/tracker/?aid=26729"
}
],
"source": {
"advisory": "GHSA-x962-x43g-qw39",
"discovery": "UNKNOWN"
},
"title": "Tracker report renderer and chart widgets leak information in Tuleap",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-24896",
"STATE": "PUBLIC",
"TITLE": "Tracker report renderer and chart widgets leak information in Tuleap"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "tuleap",
"version": {
"version_data": [
{
"version_value": "\u003c 13.7.99.239"
}
]
}
}
]
},
"vendor_name": "Enalean"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Tuleap is a Free \u0026 Open Source Suite to manage software developments and collaboration. In versions prior to 13.7.99.239 Tuleap does not properly verify authorizations when displaying the content of tracker report renderer and chart widgets. Malicious users could use this vulnerability to retrieve the name of a tracker they cannot access as well as the name of the fields used in reports."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862: Missing Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/Enalean/tuleap/security/advisories/GHSA-x962-x43g-qw39",
"refsource": "CONFIRM",
"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-x962-x43g-qw39"
},
{
"name": "https://github.com/Enalean/tuleap/commit/8e99e7c82d9fe569799019b9e1d614d38a184313",
"refsource": "MISC",
"url": "https://github.com/Enalean/tuleap/commit/8e99e7c82d9fe569799019b9e1d614d38a184313"
},
{
"name": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit\u0026h=8e99e7c82d9fe569799019b9e1d614d38a184313",
"refsource": "MISC",
"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit\u0026h=8e99e7c82d9fe569799019b9e1d614d38a184313"
},
{
"name": "https://tuleap.net/plugins/tracker/?aid=26729",
"refsource": "MISC",
"url": "https://tuleap.net/plugins/tracker/?aid=26729"
}
]
},
"source": {
"advisory": "GHSA-x962-x43g-qw39",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-24896",
"datePublished": "2022-06-06T19:30:15.000Z",
"dateReserved": "2022-02-10T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:19:16.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Description:
- Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries.
- Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
Mitigation
Phase: Architecture and Design
Description:
- Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].
Mitigation ID: MIT-4.4
Phase: Architecture and Design
Strategy: Libraries or Frameworks
Description:
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using authorization frameworks such as the JAAS Authorization Framework [REF-233] and the OWASP ESAPI Access Control feature [REF-45].
Mitigation
Phase: Architecture and Design
Description:
- For web applications, make sure that the access control mechanism is enforced correctly at the server side on every page. Users should not be able to access any unauthorized functionality or information by simply requesting direct access to that page.
- One way to do this is to ensure that all pages containing sensitive information are not cached, and that all such pages restrict access to requests that are accompanied by an active and authenticated session token associated with a user who has the required permissions to access that page.
Mitigation
Phases: System Configuration, Installation
Description:
- Use the access control capabilities of your operating system and server environment and define your access control lists accordingly. Use a "default deny" policy when defining these ACLs.
CAPEC-665: Exploitation of Thunderbolt Protection Flaws
An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.