CVE-2023-0582

Summary

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ForgeRock Access Management allows Authorization Bypass.

This issue affects access management: before 7.3.0, before 7.2.1, before 7.1.4, through 7.0.2.

Affected Software

VendorProductVersion RangeStatus
forgerockaccess management0 < 7.3.0affected
forgerockaccess management0 < 7.2.1affected
forgerockaccess management0 < 7.1.4affected
forgerockaccess management0 <= 7.0.2affected

Weaknesses

  • CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References