Vulnerability Details CVE-2022-3748
Improper Authorization vulnerability in ForgeRock Inc. Access Management allows Authentication Bypass. This issue affects Access Management: from 6.5.0 through 7.2.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 26.8%
CVSS Severity
CVSS v3 Score 9.8
References
- https://backstage.forgerock.com/downloads/browse/am/all/productId:am
- https://backstage.forgerock.com/knowledge/kb/article/a34332318
- https://backstage.forgerock.com/knowledge/kb/article/a92134872
- https://backstage.forgerock.com/downloads/browse/am/all/productId:am
- https://backstage.forgerock.com/knowledge/kb/article/a34332318
- https://backstage.forgerock.com/knowledge/kb/article/a92134872
Products affected by CVE-2022-3748
-
cpe:2.3:a:forgerock:access_management:6.5.0
-
cpe:2.3:a:forgerock:access_management:6.5.0.1
-
cpe:2.3:a:forgerock:access_management:6.5.0.2
-
cpe:2.3:a:forgerock:access_management:6.5.1
-
cpe:2.3:a:forgerock:access_management:6.5.2
-
cpe:2.3:a:forgerock:access_management:6.5.2.1
-
cpe:2.3:a:forgerock:access_management:6.5.2.2
-
cpe:2.3:a:forgerock:access_management:6.5.2.3
-
cpe:2.3:a:forgerock:access_management:6.5.3
-
cpe:2.3:a:forgerock:access_management:6.5.4
-
cpe:2.3:a:forgerock:access_management:7.0.0
-
cpe:2.3:a:forgerock:access_management:7.0.1
-
cpe:2.3:a:forgerock:access_management:7.0.2
-
cpe:2.3:a:forgerock:access_management:7.1.0
-
cpe:2.3:a:forgerock:access_management:7.1.1
-
cpe:2.3:a:forgerock:access_management:7.1.2
-
cpe:2.3:a:forgerock:access_management:7.1.3
-
cpe:2.3:a:forgerock:access_management:7.1.4
-
cpe:2.3:a:forgerock:access_management:7.2.0