Aj Report
CVE-2022-42983
HIGH
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing JWT Tokens.
AnalysisAI
anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing JWT Tokens. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-290. anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing JWT Tokens. Affected products include: Anji-Plus Aj-Report.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
A vulnerability, which was classified as critical, was found in anji-plus AJ-Report up to 1.4.1. Rated medium severity (
A vulnerability, which was classified as critical, has been found in anji-plus AJ-Report up to 1.4.1. Rated medium sever
A vulnerability classified as problematic was found in anji-plus AJ-Report up to 1.4.1. Rated medium severity (CVSS 5.3)
A vulnerability classified as critical has been found in anji-plus AJ-Report up to 1.4.1. Rated medium severity (CVSS 5.
A vulnerability was found in anji-plus AJ-Report up to 1.4.1. Rated medium severity (CVSS 5.3), this vulnerability is re
A vulnerability was found in anji-plus AJ-Report up to 1.4.1. Rated medium severity (CVSS 5.3), this vulnerability is re
A vulnerability was found in anji-plus AJ-Report up to 1.4.1. Rated medium severity (CVSS 5.3), this vulnerability is re
Same weakness CWE-290 – Authentication Bypass by Spoofing
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today