Improper Permission Assignment in HYPR Workforce Access on Windows
CVE-2022-3258

3.7LOW

Key Information:

Vendor: Hypr
Status: Workforce Access
Vendor: CVE Published:; 3 November 2022

What is CVE-2022-3258?

This vulnerability in HYPR Workforce Access on Windows involves incorrect permission assignments that can lead to authentication abuse. Attackers may exploit these improper permissions to gain unauthorized access to sensitive resources, posing a significant threat to the security of user sessions and data within the affected systems.

Affected Version(s)

Workforce Access Windows 0

References

https://www.hypr.com/security-advisories

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 3, 2022
Vulnerability Reserved
Sep 21, 2022

Hypr

What is CVE-2022-3258?

Affected Version(s)

References

CVSS V3.1

Timeline