CVE-2022-2822 Vulnerability Details

  /     /     /  

CVE-2022-2822 Metadata Quick Info

CVE Published: 15/08/2022 | CVE Updated: 03/08/2024 | CVE Year: 2022
Source: @huntrdev | Vendor: octoprint | Product: octoprint/octoprint
Status : PUBLISHED

CVE-2022-2822 Description

An attacker can freely brute force username and password and can takeover any account. An attacker could easily guess user passwords and gain access to user and administrative accounts.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-307
CWE Name: CWE-307 Improper Restriction of Excessive Authentication Attempts
Source: octoprint

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2022-2822 Vulnerability Details