{"id":"CVE-2022-34298","details":"The NT auth module in OpenAM before 14.6.6 allows a \"replace Samba username attack.\"","aliases":["GHSA-px3r-27qc-hx5g"],"modified":"2026-04-10T04:49:03.598083Z","published":"2022-06-23T17:15:18.363Z","references":[{"type":"FIX","url":"https://github.com/OpenIdentityPlatform/OpenAM/releases/tag/14.6.6"},{"type":"FIX","url":"https://github.com/OpenIdentityPlatform/OpenAM/compare/14.6.5...14.6.6"},{"type":"FIX","url":"https://github.com/OpenIdentityPlatform/OpenAM/pull/514"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openidentityplatform/openam","events":[{"introduced":"0"},{"fixed":"33f3eaeaa719a34fdb42ecfed0014eda7c2219a6"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"14.6.6"}]}}],"versions":["13.0.0","13.0.0-RC1","13.0.0-RC10","13.0.0-RC2","13.0.0-RC3","13.0.0-RC4","13.0.0-RC5","13.0.0-RC6","13.0.0-RC7","13.0.0-RC8","13.0.0-RC9","14.0.0","14.0.1","14.0.2","14.0.3","14.0.4","14.0.5","14.0.6","14.1.1","14.1.10","14.1.11","14.1.12","14.1.13","14.1.16","14.1.17","14.1.2","14.1.3","14.1.4","14.1.5","14.1.6","14.1.7","14.1.8","14.1.9","14.2.1","14.2.2","14.3.1","14.4.1","14.4.2","14.5.1","14.5.2","14.5.3","14.5.4","14.6.2","14.6.3","14.6.4","14.6.5"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-34298.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}]}