Missing Authorization in saleor/saleor
CVE-2022-0932

6.5MEDIUM

Key Information:

Vendor: Saleor
Status: Saleor/saleor
Vendor: CVE Published:; 11 March 2022

🔔 Create Saleor Vulnerability Alert

What is CVE-2022-0932?

Missing Authorization in GitHub repository saleor/saleor prior to 3.1.2.

Affected Version(s)

saleor/saleor < 3.1.2

References

https://huntr.dev/bounties/88ae4cbc-c697-401b-8b04-7dc4e0...

https://github.com/saleor/saleor/commit/521dfd6394f3926a7...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

CVSS V3.0

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 11, 2022
Vulnerability Reserved
Mar 11, 2022

CVE-2022-0932 Data

JSON