How severe is CVE-2022-45170?

CVE-2022-45170 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2022-45170

Name: vdesk
Author: liveboxcloud

6.5MEDIUM

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can occur under the /api/v1/vencrypt/decrypt/file endpoint. A malicious user, logged into a victim's account,

Veröffentlicht: 4/14/2023Aktualisiert: 2/7/2025

Beschreibung

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can occur under the /api/v1/vencrypt/decrypt/file endpoint. A malicious user, logged into a victim's account, is able to decipher a file without knowing the key set by the user.

KI-AnalyseKI-gestützt

Betroffene Produkte

liveboxcloudvdesk

Referenzen

https://www.gruppotim.it/it/footer/red-team.html
ExploitThird Party Advisory
https://www.gruppotim.it/it/footer/red-team.html
ExploitThird Party Advisory