CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-2193

Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote authenticated attackers to add a FIDO2 authenticator to arbitrary accounts via parameter tampering in the Device Manager page. This issue affects: HYPR Server versions prior to 6.14.1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.8%

CVSS Severity

CVSS v3 Score 7.5

References

https://www.hypr.com/security-advisories/
https://www.hypr.com/security-advisories/

Products affected by CVE-2022-2193

Hypr » Hypr Server » Version: 6.10

cpe:2.3:a:hypr:hypr_server:6.10

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-2193

Products

Pricing

Contact Us