CVE-2022-3312

MEDIUM Year: 2022
CVSS v3 Score
4.6
Medium
Weakness Type
CWE-306
View all →

Vulnerability Description

Insufficient validation of untrusted input in VPN in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a local attacker to bypass managed device restrictions via physical access to the device. (Chromium security severity: Medium)

Related Vulnerabilities

CVE-2017-2708

MEDIUM
CVSS:4.6(Medium)

The 'Find Phone' function in Nice smartphones with software versions earlier before Nice-AL00C00B0135 has an authentication bypass vulnerability. An unauthenticated attacker may wipe and factory reset...

CWE-3062017

CVE-2020-25048

MEDIUM
CVSS:4.6(Medium)

An issue was discovered on Samsung mobile devices with Q(10.0) (with ONEUI 2.1) software. In the Lockscreen state, the Quick Share feature allows unauthenticated downloads, aka file injection. The Sam...

CWE-3062020

CVE-2020-27902

MEDIUM
CVSS:4.6(Medium)

An authentication issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2. A person with physical access to an iOS device may be able to access stored passw...

CWE-3062020

CVE-2023-45140

MEDIUM
CVSS:4.6(Medium)

The Bastion provides authentication, authorization, traceability and auditability for SSH accesses. SCP and SFTP plugins don't honor group-based JIT MFA. Establishing a SCP/SFTP connection through The...

CWE-3062023

CVE-2024-35342

MEDIUM
CVSS:4.6(Medium)

Certain Anpviz products allow unauthenticated users to modify or disable camera related settings such as microphone volume, speaker volume, LED lighting, NTP, motion detection, etc. This affects IPC-D...

CWE-3062024

CVE-2022-3327

MEDIUM
CVSS:4.5(Medium)

Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.

CWE-3062022