HIGH🇵🇱 Wersja polska

CVE-2022-1155

CVSS 7.4v3.1pub. 2022-03-30upd. 2024-11-21

Old sessions are not blocked by the login enable function. in GitHub repository snipe/snipe-it prior to 5.3.10.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
  • Snipeitapp Snipe It

    APP
    Snipeitapp
    5.3.10< 5.3.10
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2026-37709CRITICAL9.8PL ✓ten sam produkt

RCE w Snipe-IT — Insecure Permissions w API uploadu plików

CVE-2025-63601CRITICAL9.9PL ✓ten sam produkt

RCE w Snipe-IT via złośliwy plik backup (CVE-2025-63601)

CVE-2026-48507HIGH7.1ten sam produkt

Snipe-IT is an IT asset/license management system. A vulnerability in versions prior to 8.6.0 allows a non-adm...

CVE-2026-44832HIGH8.7ten sam produkt

Snipe-IT is an IT asset/license management system. Prior to 8.4.1, aAn authenticated user with only users.edit...

CVE-2025-15602HIGH8.7ten sam produkt

Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to account privileges that are insu...