Unrated severityNVD Advisory· Published Jan 10, 2023· Updated Apr 7, 2025

CVE-2023-22320

Description

OpenAM Web Policy Agent (OpenAM Consortium Edition) provided by OpenAM Consortium parses URLs improperly, leading to a path traversal vulnerability(CWE-22). Furthermore, a crafted URL may be evaluated incorrectly.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

OpenAM Consortium/OpenAM Web Policy Agentllm-create2 versions
(expand)+ 1 more
- (no CPE)
- (no CPE)range: 4.1.0

Patches

Vulnerability mechanics

References

jvn.jp/en/vu/JVN91740661/mitrethird-party-advisory
github.com/openam-jp/web-agents/issues/3mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000