CVE: CVE-2022-29718 - CVE-Search

CVE Details for CVE: CVE-2022-29718

Summary

Caddy v2.4 was discovered to contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links.

Timestamps
Last major update	07-11-2023 - 03:46
Published	02-06-2022 - 21:15
Last modified	07-11-2023 - 03:46

References

Vulnerable Configurations

cpe:2.3:a:caddyserver:caddy:2.4.0:-:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.0:-:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.0:rc1:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.0:rc1:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:caddyserver:caddy:2.4.6:*:*:*:*:*:*:*

CAPEC

Click the CAPEC title to display a description

CWE

CWE-601

CVSS

Base

5.8

Impact

4.9

Exploitability

8.6

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	NONE

CVSS3

Base

6.1

Impact

2.7

Exploitability

2.8

Access

Attack Complexity	Attack vector	Privileges Required	Scope	User Interaction
LOW	NETWORK	NONE	CHANGED	REQUIRED

Impact

Confidentiality	Integrity	Availability
LOW	LOW	NONE

VIA4 references

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:N

cvss3-vector via4

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N