Vulnerability Details CVE-2022-2888
If an attacker comes into the possession of a victim's OctoPrint session cookie through whatever means, the attacker can use this cookie to authenticate as long as the victim's account exists.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.3%
CVSS Severity
CVSS v3 Score 4.4
References
- https://github.com/octoprint/octoprint/commit/40e6217ac1a85cc5ed592873ae49db01d3005da4
- https://huntr.dev/bounties/d27d232b-2578-4b32-b3b4-74aabdadf629
- https://github.com/octoprint/octoprint/commit/40e6217ac1a85cc5ed592873ae49db01d3005da4
- https://huntr.dev/bounties/d27d232b-2578-4b32-b3b4-74aabdadf629
Products affected by CVE-2022-2888
-
cpe:2.3:a:octoprint:octoprint:-
-
cpe:2.3:a:octoprint:octoprint:0.1.0
-
cpe:2.3:a:octoprint:octoprint:0.1.1
-
cpe:2.3:a:octoprint:octoprint:0.1.2
-
cpe:2.3:a:octoprint:octoprint:1.0.0
-
cpe:2.3:a:octoprint:octoprint:1.1.0
-
cpe:2.3:a:octoprint:octoprint:1.1.1
-
cpe:2.3:a:octoprint:octoprint:1.1.2
-
cpe:2.3:a:octoprint:octoprint:1.2.0
-
cpe:2.3:a:octoprint:octoprint:1.2.1
-
cpe:2.3:a:octoprint:octoprint:1.2.10
-
cpe:2.3:a:octoprint:octoprint:1.2.11
-
cpe:2.3:a:octoprint:octoprint:1.2.12
-
cpe:2.3:a:octoprint:octoprint:1.2.13
-
cpe:2.3:a:octoprint:octoprint:1.2.14
-
cpe:2.3:a:octoprint:octoprint:1.2.15
-
cpe:2.3:a:octoprint:octoprint:1.2.16
-
cpe:2.3:a:octoprint:octoprint:1.2.17
-
cpe:2.3:a:octoprint:octoprint:1.2.18
-
cpe:2.3:a:octoprint:octoprint:1.2.2
-
cpe:2.3:a:octoprint:octoprint:1.2.3
-
cpe:2.3:a:octoprint:octoprint:1.2.4
-
cpe:2.3:a:octoprint:octoprint:1.2.5
-
cpe:2.3:a:octoprint:octoprint:1.2.6
-
cpe:2.3:a:octoprint:octoprint:1.2.7
-
cpe:2.3:a:octoprint:octoprint:1.2.8
-
cpe:2.3:a:octoprint:octoprint:1.2.9
-
cpe:2.3:a:octoprint:octoprint:1.3.0
-
cpe:2.3:a:octoprint:octoprint:1.3.1
-
cpe:2.3:a:octoprint:octoprint:1.3.10
-
cpe:2.3:a:octoprint:octoprint:1.3.11
-
cpe:2.3:a:octoprint:octoprint:1.3.12
-
cpe:2.3:a:octoprint:octoprint:1.3.2
-
cpe:2.3:a:octoprint:octoprint:1.3.3
-
cpe:2.3:a:octoprint:octoprint:1.3.4
-
cpe:2.3:a:octoprint:octoprint:1.3.5
-
cpe:2.3:a:octoprint:octoprint:1.3.6
-
cpe:2.3:a:octoprint:octoprint:1.3.7
-
cpe:2.3:a:octoprint:octoprint:1.3.8
-
cpe:2.3:a:octoprint:octoprint:1.3.9
-
cpe:2.3:a:octoprint:octoprint:1.4.0
-
cpe:2.3:a:octoprint:octoprint:1.4.1
-
cpe:2.3:a:octoprint:octoprint:1.4.2
-
cpe:2.3:a:octoprint:octoprint:1.5.0
-
cpe:2.3:a:octoprint:octoprint:1.5.1
-
cpe:2.3:a:octoprint:octoprint:1.5.2
-
cpe:2.3:a:octoprint:octoprint:1.5.3
-
cpe:2.3:a:octoprint:octoprint:1.6.0
-
cpe:2.3:a:octoprint:octoprint:1.6.1
-
cpe:2.3:a:octoprint:octoprint:1.7.0
-
cpe:2.3:a:octoprint:octoprint:1.7.1
-
cpe:2.3:a:octoprint:octoprint:1.7.2
-
cpe:2.3:a:octoprint:octoprint:1.7.3
-
cpe:2.3:a:octoprint:octoprint:1.8.0
-
cpe:2.3:a:octoprint:octoprint:1.8.1
-
cpe:2.3:a:octoprint:octoprint:1.8.2