CVE-2022-4366

CVSS V2 None CVSS V3 None
Description
Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitHub repository lirantal/daloradius prior to master branch.
Overview
  • CVE ID
  • CVE-2022-4366
  • Assigner
  • security@huntr.dev
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-08T19:15:10
  • Last Modified Date
  • 2022-12-12T15:29:16
Weakness Enumerations
CWE URL
CWE-668 http://cwe.mitre.org/data/definitions/668.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:daloradius:daloradius:-:*:*:*:*:*:*:* 1 OR
References
Reference URL Reference Tags
https://github.com/lirantal/daloradius/commit/3d11f375a76ddb3741200296e15f81d82dfb80ce
https://huntr.dev/bounties/f225d69a-d971-410d-a8f9-b0026143aed8
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-4366
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4366
History
Created Old Value New Value Data Type Notes
2022-12-08 20:16:19 Added to TrackCVE
2022-12-12 01:14:41 2022-12-08T19:15:10.157 2022-12-08T19:15:10 CVE Published Date updated
2022-12-12 01:14:41 2022-12-08T19:59:35 CVE Modified Date updated
2022-12-12 01:14:41 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-12 01:14:42 CVSS V3 information new
2022-12-12 16:16:25 2022-12-12T15:29:16 CVE Modified Date updated
2022-12-12 16:16:25 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-12 16:16:25 CWE-668 Weakness Enumeration new
2022-12-12 16:16:26 CPE Information updated
2022-12-12 16:16:26 CVSS V3 information new