CVE-2022-1698

Allowing long password leads to denial of service in causefx/organizr

CVSS 9.9 CRITICALEPSS 1.0%CWE-191

Vexday Risk Score

28Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 9.9EPSS 1.0%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

12 mai 2022Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

Allowing long password leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H

Produtos afetados

causefx · causefx/organizr

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/causefx/organizr/commit/e4b4cff66c526f7b5bbaef0073c92c315c29bd56 https://huntr.dev/bounties/f4ab747b-e89a-4514-9432-ac1ea56639f3