← voltar
CVE-2022-0916

Broken authentication on Logitech Options due to misvalidation of Oauth state parameter

CVSS 8.4 HIGHEPSS 0.4%CWE-287
An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations.
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Produtos afetados
Logitech · Options

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://support.logi.com/hc/en-us/articles/360025297893