CVE-2022-45956

Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:boa:boa:0.94.13:*:*:*:*:*:*:*
cpe:2.3:a:boa:boa:0.94.14:*:*:*:*:*:*:*

History

21 Nov 2024, 07:30

Type Values Removed Values Added
References () https://packetstormsecurity.com/files/169962/Boa-Web-Server-0.94.13-0.94.14-Authentication-Bypass.html - Exploit, Third Party Advisory, VDB Entry () https://packetstormsecurity.com/files/169962/Boa-Web-Server-0.94.13-0.94.14-Authentication-Bypass.html - Exploit, Third Party Advisory, VDB Entry

15 Dec 2022, 19:47

Type Values Removed Values Added
New CVE

Information

Published : 2022-12-12 15:15

Updated : 2024-11-21 07:30


NVD link : CVE-2022-45956

Mitre link : CVE-2022-45956

CVE.ORG link : CVE-2022-45956


JSON object : View

Products Affected

boa

  • boa
CWE
CWE-863

Incorrect Authorization