CVE-2022-2997 Security Details

CVE ID

CVE-2022-2997

CWE

CWE-384

CVE Description

Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10.

Published

Aug 26, 2022

CVSS Score & Severity

8.0High

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

EPSS Score

0.353%

Malware

malware

KEV Status

Not in KEV Catalog: No known exploits

Affected Ecosystems

affected

Source

National Vulnerability Database

References

https://github.com/snipe/snipe-it/pull/11735PROJECT

https://www.huntr.dev/bounties/c09bf21b-50d2-49f0-8c92-49f6b3c358d8/THIRD_PARTY