← Volver a CVEs
CVE-2022-3322
MEDIUM6.7
Descripcion
Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action.
Detalles CVE
Puntuacion CVSS v3.16.7
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioREQUIRED
Publicado10/28/2022
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
cloudflare:warp_mobile_client
Debilidades (CWE)
CWE-862CWE-347
Referencias
https://github.com/cloudflare/advisories/security/advisories/GHSA-76pg-rp9h-wmcj(cna@cloudflare.com)
https://github.com/cloudflare/advisories/security/advisories/GHSA-76pg-rp9h-wmcj(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.