CVE-2022-4072

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') (CWE-74)

Published: Nov 20, 2022 / Updated: 24mo ago

Medium Severity
(Estimated)
No EPSS yet

A vulnerability classified as problematic was found in Iridium Intelligence bad_ip WP Plugin. Affected by this vulnerability is an unknown functionality of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214039.

Timeline

First Article

Feedly found the first article mentioning CVE-2022-4072.

Nov 20, 2022 at 12:53 PM / vuldb.com

Links to MITRE ATT&CK

T1562.003: Impair Command History Logging

Attack Patterns

CAPEC-10: Buffer Overflow via Environment Variables

News

NA - CVE-2022-4072 - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER....
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2022-4072
Severity: Not Scored. Description: A vulnerability classified as problematic was found in Iridium Intelligence bad_ip WP Plugin. Affected by this vulnerability is an unknown functionality of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214039. Read more at https://www.tenable.com/cve/CVE-2022-4072

CVSS V3.1

Unknown
