CVE-2022-27774

moderate-risk

Published 2022-06-02

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.

Do I need to act?

0.31% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.7/10 Medium

NETWORK / LOW complexity

Affected Products (14)

Curl

Debian Linux

Hci Bootstrap Os

Clustered Data Ontap

Solidfire \& Hci Management Node

Solidfire \& Hci Storage Node

Fabric Operating System

H300S Firmware

H500S Firmware

H700S Firmware

H410S Firmware

Universal Forwarder

Affected Vendors

Debian Brocade Haxx Netapp Splunk

References (10)

Exploit https://hackerone.com/reports/1543773

Mailing List https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html

Third Party Advisory https://security.gentoo.org/glsa/202212-01

Third Party Advisory https://security.netapp.com/advisory/ntap-20220609-0008/

Third Party Advisory https://www.debian.org/security/2022/dsa-5197

Exploit https://hackerone.com/reports/1543773

Mailing List https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html

Third Party Advisory https://security.gentoo.org/glsa/202212-01

Third Party Advisory https://security.netapp.com/advisory/ntap-20220609-0008/

Third Party Advisory https://www.debian.org/security/2022/dsa-5197

/ 100

moderate-risk

Severity 22/34 · High

Exploitability 1/34 · Minimal

Exposure 18/34 · Moderate