How severe is CVE-2022-45170?

CVE-2022-45170 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2022-45170

Name: vdesk
Author: liveboxcloud

6.5MEDIUM

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can occur under the /api/v1/vencrypt/decrypt/file endpoint. A malicious user, logged into a victim's account,

Published: 4/14/2023Updated: 2/7/2025

Description

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can occur under the /api/v1/vencrypt/decrypt/file endpoint. A malicious user, logged into a victim's account, is able to decipher a file without knowing the key set by the user.

AI AnalysisPowered by AI

Affected Products

liveboxcloudvdesk

References

https://www.gruppotim.it/it/footer/red-team.html
ExploitThird Party Advisory
https://www.gruppotim.it/it/footer/red-team.html
ExploitThird Party Advisory