Access Control Issue in FreeTAKServer v1.9.8: Unauthenticated DoS and Route Manipulation Vulnerability

CVE-2022-25508 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

An access control issue in the component /ManageRoute/postRoute of FreeTAKServer v1.9.8 allows unauthenticated attackers to cause a Denial of Service (DoS) by creating an unusually large number of routes, or to create unsafe or false routes for legitimate users.
