CVE-2022-3322

Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/cloudflare/advisories/security/advisories/GHSA-76pg-rp9h-wmcj	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:cloudflare:warp_mobile_client:*:*:*:*:*:iphone_os:*:*

History

07 Nov 2023, 03:51

Type	Values Removed	Values Added
Summary	Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action.	Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action.

Information

Published : 2022-10-28 10:15

Updated : 2024-02-28 19:29

NVD link : CVE-2022-3322

Mitre link : CVE-2022-3322

CVE.ORG link : CVE-2022-3322

JSON object : View

Products Affected

cloudflare

warp_mobile_client

CWE

CWE-347

Improper Verification of Cryptographic Signature

CWE-862

Missing Authorization

{"id": "CVE-2022-3322", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "cna@cloudflare.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.7, "exploitabilityScore": 1.5}]}, "published": "2022-10-28T10:15:17.277", "references": [{"url": "https://github.com/cloudflare/advisories/security/advisories/GHSA-76pg-rp9h-wmcj", "tags": ["Third Party Advisory"], "source": "cna@cloudflare.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-347"}]}, {"type": "Secondary", "source": "cna@cloudflare.com", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "Lock Warp switch is a feature of Zero Trust platform which, when\n enabled, prevents users of enrolled devices from disabling WARP client.\n Due to insufficient policy verification by WARP iOS client, this \nfeature could be bypassed by using the \"Disable WARP\" quick action.\n\n\n\n"}, {"lang": "es", "value": "El interruptor Lock Warp es una caracter\u00edstica de la plataforma Zero Trust que, cuando est\u00e1 habilitada, evita que los usuarios de dispositivos registrados deshabiliten el cliente WARP. Debido a una verificaci\u00f3n insuficiente de la pol\u00edtica por parte del cliente WARP iOS, esta caracter\u00edstica podr\u00eda omitirse mediante la acci\u00f3n r\u00e1pida \"\"Desactivar WARP\"\"."}], "lastModified": "2023-11-07T03:51:06.730", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cloudflare:warp_mobile_client:*:*:*:*:*:iphone_os:*:*", "vulnerable": true, "matchCriteriaId": "1150BB9C-25CC-4DD9-9CEB-C5B30AA39D1C", "versionEndExcluding": "6.14"}], "operator": "OR"}]}], "sourceIdentifier": "cna@cloudflare.com"}