CVE-2022-35202

A security issue in Sitevision version 10.3.1 and older allows a remote attacker, in certain (non-default) scenarios, to gain access to the private keys used for signing SAML Authn requests. The underlying issue is a Java keystore that may become accessible and downloadable via WebDAV. This keystore is protected with a low-complexity, auto-generated password.

CVSS v3 5.1 MEDIUM

5.1^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 2.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://developer.sitevision.se/archives/release-notes/release-notes/2022-05-06-release-notes-sitevision-10.3
https://www.shelltrail.com/research/how-auto-generated-passwords-in-sitevision-leads-to-signing-key-leakage-cve-2022-35202/

Configurations

No configuration.

History

13 Feb 2025, 18:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.1
Summary		(es) Un problema de seguridad en la versión 10.3.1 y anteriores de Sitevision permite que un atacante remoto, en ciertos escenarios (no predeterminados), obtenga acceso a las claves privadas utilizadas para firmar solicitudes de autenticación SAML. El problema subyacente es un almacén de claves de Java al que se puede acceder y descargar a través de WebDAV. Este almacén de claves está protegido con una contraseña de baja complejidad generada automáticamente.
CWE		CWE-532

11 Feb 2025, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-11 19:15

Updated : 2025-02-13 18:15

NVD link : CVE-2022-35202

Mitre link : CVE-2022-35202

CVE.ORG link : CVE-2022-35202

JSON object : View

Products Affected

No product.

CWE

CWE-532

Insertion of Sensitive Information into Log File

5.1 /10