Description

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor Authentication can occur under the /login/backup_code endpoint and the /api/v1/vdeskintegration/createbackupcodes endpoint, because the application allows a user to generate or regenerate the backup codes before checking the TOTP.

INFO

Published Date :

2024-06-10T00:00:00.000Z

Last Modified :

2025-03-20T20:34:58.376Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2022-45168 vulnerability.

Vendors Products
Liveboxcloud
  • Vdesk
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-45168.

URL Resource
https://www.gruppotim.it/it/footer/red-team.html cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact