Vulnerabilities > CVE-2022-32208 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 5.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE

Summary

When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.

Vulnerable Configurations

Part Description Count
Application
Haxx
113
Application
Netapp
4
Application
Splunk
13
OS
Fedoraproject
1
OS
Debian
2
OS
Netapp
5
OS
Apple
70
Hardware
Netapp
5

Common Weakness Enumeration (CWE)