CVE-2022-3993

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2022-3993
Authentication Bypass by Primary Weakness in GitHub repository kareadita/kavita prior to 0.6.0.3.

9.8 /10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://huntr.dev/bounties/bebd0cd6-18ec-469c-b6ca-19ffa9db0699 Exploit Patch Third Party Advisory
https://github.com/kareadita/kavita/commit/f8db37d3f9aa42d47e7c4f4ca839e892d3f97afb Patch Third Party Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

cpe:2.3:a:kavitareader:kavita:*:*:*:*:*:*:*:*
Information

Published : 2022-11-14 10:15

Updated : 2022-11-17 14:14

NVD link : CVE-2022-3993

Mitre link : CVE-2022-3993

JSON object : View

CWE
CWE-287

Improper Authentication

Advertisement

dedicated server usa
Products Affected

kavitareader

  • kavita