Цены Enterprise

CVE-2022-44381

5.3MEDIUM

Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.

Опубликовано: 12/25/2022Обновлено: 4/15/2025

Посмотреть на NVD Посмотреть на MITRE

Описание

Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.

ИИ-АнализНа базе ИИ

Затронутые продукты

snipeitappsnipe-it

Ссылки

https://census-labs.com/news/2022/12/23/multiple-vulnerabilities-in-snipe-it/
ExploitThird Party Advisory
https://census-labs.com/news/2022/12/23/multiple-vulnerabilities-in-snipe-it/
ExploitThird Party Advisory