← volver
CVE-2022-0916

Broken authentication on Logitech Options due to misvalidation of Oauth state parameter

CVSS 8.4 HIGHEPSS 0.4%CWE-287
An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Productos afectados
Logitech · Options

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://support.logi.com/hc/en-us/articles/360025297893