https://nvd.nist.gov/vuln/detail/CVE-2022-23131
NVD - CVE-2022-23131
CVE-2022-23131 Detail Current Description In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthe
nvd.nist.gov
https://github.com/projectdiscovery/nuclei-templates/blob/master/cves/2022/CVE-2022-23131.yaml
GitHub - projectdiscovery/nuclei-templates: Community curated list of templates for the nuclei engine to find security vulnerabi
Community curated list of templates for the nuclei engine to find security vulnerabilities. - GitHub - projectdiscovery/nuclei-templates: Community curated list of templates for the nuclei engine t...
github.com
해당버전 : 5.4.0 ~ 5.4.8
CVSS 점수 : 9.8(critical)
'보안동향' 카테고리의 다른 글
| 데드볼트 랜섬웨어를 유포하는 QNAP 및 Asustor NAS 취약점 주의 권고 (0) | 2022.02.24 |
|---|---|
| 클라우드가 그리 좋다는데, 왜 지금 상황은 그렇지 못한가? (0) | 2022.02.24 |
| Post Mortem of KlaySwap Incident through BGP Hijacking (0) | 2022.02.12 |
| 코발트 스트라이크 악성코드, 취약한 MS-SQL 서버 대상으로 유포 (0) | 2022.02.11 |
| 북한이 공격 당했다! - 북한, 디도스 공격 후폭풍 이틀째 지속..접속 장애 여전 (0) | 2022.01.27 |