How severe is CVE-2022-45170?

CVE-2022-45170 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2022-45170

Name: vdesk
Author: liveboxcloud

6.5MEDIUM

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can occur under the /api/v1/vencrypt/decrypt/file endpoint. A malicious user, logged into a victim's account,

发布于: 4/14/2023更新于: 2/7/2025

描述

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Cryptographic Issue can occur under the /api/v1/vencrypt/decrypt/file endpoint. A malicious user, logged into a victim's account, is able to decipher a file without knowing the key set by the user.

AI分析AI驱动

受影响产品

liveboxcloudvdesk

参考资料

https://www.gruppotim.it/it/footer/red-team.html
ExploitThird Party Advisory
https://www.gruppotim.it/it/footer/red-team.html
ExploitThird Party Advisory