CVE-2022-3173

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-3173

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-3173.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-3173

Aliases

GHSA-fhvv-p968-6vvj

Published

2022-09-17T06:50:08Z

Modified

2025-12-06T00:07:55.492179Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

Improper Authentication in snipe/snipe-it

Details

Improper Authentication in GitHub repository snipe/snipe-it prior to 6.0.10.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/3xxx/CVE-2022-3173.json",
    "cna_assigner": "@huntrdev",
    "cwe_ids": [
        "CWE-287"
    ]
}

References

Affected packages

Git / github.com/grokability/snipe-it

Affected ranges

Type: GIT
Repo: https://github.com/grokability/snipe-it
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

dcab1381e7ee0b7fd1df3a34750dbff4b79185b2

Affected versions

3.*

3.2.0

5.*

5.1.7

V5.*

V5.4.0

v3.*

v3.0

v3.0-alpha

v3.0-alpha2

v3.0-beta.1

v3.0-beta.2

v3.0-beta.3

v3.0.0-beta

v3.1.0

v3.3.0

v3.3.0-beta

v3.4

v3.4.0-alpha

v3.4.0-beta

v3.5.0

v3.5.0-beta

v3.5.0-beta2

v3.5.1

v3.5.2

v3.6.0

v3.6.0-pre

v3.6.1

v3.6.1-pre

v3.6.2

v3.6.3

v3.6.4

v3.6.5

v3.6.6

Other

v4-beta3

v4-beta4

v4.*

v4.0

v4.0-alpha

v4.0-alpha-2

v4.0-beta

v4.0-beta2

v4.0-beta5

v4.0-beta6

v4.0.1

v4.0.10

v4.0.11

v4.0.12

v4.0.13

v4.0.14

v4.0.15

v4.0.2

v4.0.3

v4.0.4

v4.0.5

v4.0.6

v4.0.7

v4.0.8

v4.0.9

v4.1.0

v4.1.0-beta

v4.1.0-beta2

v4.1.1

v4.1.10

v4.1.11

v4.1.12

v4.1.13

v4.1.14

v4.1.2

v4.1.3

v4.1.4

v4.1.5

v4.1.6

v4.1.7

v4.1.8

v4.1.9

v4.2.0

v4.3.0

v4.4.0

v4.4.1

v4.5.0

v4.6.0

v4.6.1

v4.6.10

v4.6.11

v4.6.12

v4.6.13

v4.6.14

v4.6.15

v4.6.16

v4.6.17

v4.6.18

v4.6.2

v4.6.3

v4.6.4

v4.6.5

v4.6.6

v4.6.7

v4.6.8

v4.6.9

v4.7.0

v4.7.1

v4.7.2

v4.7.3

v4.7.4

v4.7.5

v4.7.7

v4.7.8

v4.8.0

v4.9.0

v4.9.1

v4.9.2

v4.9.3

v4.9.4

v4.9.5

v5.*

v5.0.0

v5.0.0-beta-1.0

v5.0.0-beta-1.1

v5.0.0-beta-2

v5.0.0-beta-3.0

v5.0.0-beta-4

v5.0.0-beta-5

v5.0.0-beta-6-GM

v5.0.0-beta-7-GM

v5.0.1

v5.0.10

v5.0.11

v5.0.12

v5.0.2

v5.0.3

v5.0.4

v5.0.5

v5.0.6

v5.0.7

v5.0.8

v5.0.9

v5.1.0

v5.1.1

v5.1.2

v5.1.3

v5.1.4

v5.1.5

v5.1.6

v5.1.7

v5.1.8

v5.2.0

v5.3.0

v5.3.1

v5.3.10

v5.3.2

v5.3.3

v5.3.4

v5.3.5

v5.3.6

v5.3.7

v5.3.8

v5.3.9

v5.4.0

v5.4.1

v5.4.2

v5.4.3

v5.4.4

v6.*

v6.0.0

v6.0.0-GM

v6.0.0-RC-1

v6.0.0-RC-2

v6.0.0-RC-3

v6.0.0-RC-4

v6.0.0-RC-5

v6.0.0-RC-6

v6.0.0-RC-7

v6.0.0-RC-8

v6.0.1

v6.0.10

v6.0.2

v6.0.3

v6.0.4

v6.0.5

v6.0.6

v6.0.7

v6.0.8

v6.0.9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-3173.json"

Git / github.com/snipe/snipe-it