CVE-2022-4018

Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.

CVSS v3.0 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

References

Link	Resource
https://github.com/ikus060/rdiffweb/commit/f2a32f2a9f3fb8be1a9432ac3d81d3aacdb13095	Patch Third Party Advisory
https://huntr.dev/bounties/5340c2f6-0252-40f6-8929-cca5d64958a5	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ikus-soft:rdiffweb:2.5.0:alpha1::::::
	cpe:2.3:a:ikus-soft:rdiffweb:2.5.0:alpha2::::::
	cpe:2.3:a:ikus-soft:rdiffweb:2.5.0:alpha3::::::
	cpe:2.3:a:ikus-soft:rdiffweb::::::::
	cpe:2.3:a:ikus-soft:rdiffweb:2.5.0:alpha4::::::
	cpe:2.3:a:ikus-soft:rdiffweb:2.5.0:alpha5::::::

Information

Published : 2022-11-16 05:15

Updated : 2022-11-17 20:47

NVD link : CVE-2022-4018

Mitre link : CVE-2022-4018

JSON object : View

CWE

CWE-306

Missing Authentication for Critical Function

Products Affected

ikus-soft