CVE-2022-35248
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
A improper authentication vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 that allowed two factor authentication can be bypassed when telling the server to use CAS during login.
| CWE | CWE-287 |
| Vendor | n/a |
| Product | rocket.chat |
| Published | Sep 23, 2022 |
| Last Updated | Aug 3, 2024 |
Stay Ahead of the Next One
Get instant alerts for n/a rocket.chat
Be the first to know when new unknown vulnerabilities affecting n/a rocket.chat are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
n/a / Rocket.Chat
Fixed in versions 4.7.5, 4.8.2, 5.0.0>