Missing Critical Step in Authentication in namelessmc/nameless
CVE-2022-2821

9.8CRITICAL

Key Information:

Vendor

Namelessmc

Status
Namelessmc/nameless
Vendor
CVE Published:
15 August 2022

What is CVE-2022-2821?

Missing Critical Step in Authentication in GitHub repository namelessmc/nameless prior to v2.0.2.

Affected Version(s)

namelessmc/nameless < unspecified

References

https://huntr.dev/bounties/c216db15-fe2f-42a7-852a-6c4749...
x_refsource_CONFIRM
https://github.com/namelessmc/nameless/commit/98fe4b7fce5...
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

CVSS V3.0

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.