Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint.
References
Link | Resource |
---|---|
https://github.com/cloudflare/advisories/security/advisories/GHSA-3868-hwjx-r5xf | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 03:51
Type | Values Removed | Values Added |
---|---|---|
Summary | Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint. |
01 Nov 2022, 18:35
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:cloudflare:warp:*:*:*:*:*:windows:*:* cpe:2.3:a:cloudflare:warp:*:*:*:*:*:macos:*:* cpe:2.3:a:cloudflare:warp:*:*:*:*:*:linux_kernel:*:* |
|
References | (MISC) https://github.com/cloudflare/advisories/security/advisories/GHSA-3868-hwjx-r5xf - Third Party Advisory | |
First Time |
Cloudflare warp
Cloudflare |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CWE | NVD-CWE-noinfo |
28 Oct 2022, 11:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-28 10:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-3512
Mitre link : CVE-2022-3512
CVE.ORG link : CVE-2022-3512
JSON object : View
Products Affected
cloudflare
- warp
CWE