CVE-2022-34298

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-34298

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-34298.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-34298

Aliases

GHSA-px3r-27qc-hx5g

Published

2022-06-23T17:15:18Z

Modified

2025-05-28T10:31:31.443358Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

The NT auth module in OpenAM before 14.6.6 allows a "replace Samba username attack."

References

Affected packages

Git / github.com/openidentityplatform/openam

Affected ranges

Type: GIT
Repo: https://github.com/openidentityplatform/openam
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

33f3eaeaa719a34fdb42ecfed0014eda7c2219a6

Fixed

33f3eaeaa719a34fdb42ecfed0014eda7c2219a6

Affected versions

11.*

11.0.0

12.*

12.0.0

13.*

13.0.0

13.0.0-RC1

13.0.0-RC10

13.0.0-RC2

13.0.0-RC3

13.0.0-RC4

13.0.0-RC5

13.0.0-RC6

13.0.0-RC7

13.0.0-RC8

13.0.0-RC9

14.*

14.0.0

14.0.0-M1

14.0.0-M2

14.0.1

14.0.2

14.0.3

14.0.4

14.0.5

14.0.6

14.1.1

14.1.10

14.1.11

14.1.12

14.1.13

14.1.16

14.1.17

14.1.2

14.1.3

14.1.4

14.1.5

14.1.6

14.1.7

14.1.8

14.1.9

14.2.1

14.2.2

14.3.1

14.4.1

14.4.2

14.5.1

14.5.2

14.5.3

14.5.4

14.6.1

14.6.2

14.6.3

14.6.4

14.6.5

release/14.*

release/14.0.0-M6

release/14.0.0-M7