CVE-2023-22320

Published: Jan 10, 2023

Modified: Apr 7, 2025

PUBLISHED

Description

OpenAM Web Policy Agent (OpenAM Consortium Edition) provided by OpenAM Consortium parses URLs improperly, leading to a path traversal vulnerability(CWE-22). Furthermore, a crafted URL may be evaluated incorrectly.

Vendor	Product	Versions
OpenAM consortium	OpenAM Web Policy Agent (OpenAM Consortium Edition)	affected `4.1.0`

Weaknesses (CWE)

CWE-22

References

https://github.com/openam-jp/web-agents/issues/3

OpenAM Web Policy Agent (OpenAM Consortium Edition) vulnerable to path traversal

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-22320

Description

Affected Products

Weaknesses (CWE)

References