ID CVE-2022-3320
Summary It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to disconnect and allowed bypassing administrative restrictions on a Zero Trust enrolled endpoint.
References
Vulnerable Configurations
  • cpe:2.3:a:cloudflare:warp:-:*:*:*:*:linux_kernel:*:*
    cpe:2.3:a:cloudflare:warp:-:*:*:*:*:linux_kernel:*:*
  • cpe:2.3:a:cloudflare:warp:-:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:-:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.2544.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:1.2.2544.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.2695.1:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:1.2.2695.1:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.2834.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:1.2.2834.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.2866.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:1.2.2866.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:1.3.184.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:1.3.184.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:1.4.25.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:1.4.25.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:1.4.33.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:1.4.33.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:1.4.107.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:1.4.107.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:1.5.147.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:1.5.147.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:1.5.206.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:1.5.206.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:1.5.295.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:1.5.295.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:1.5.461.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:1.5.461.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:1.6.28.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:1.6.28.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:2021.11.155.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:2021.11.155.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:2021.11.276.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:2021.11.276.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:2021.12.2.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:2021.12.2.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:2022.2.95.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:2022.2.95.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:2022.2.247.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:2022.2.247.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:2022.3.63.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:2022.3.63.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:2022.3.186.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:2022.3.186.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:2022.4.115.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:2022.4.115.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:2022.5.226.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:2022.5.226.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:2022.5.309.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:2022.5.309.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:2022.5.341.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:2022.5.341.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:2022.7.174.0:*:*:*:*:windows:*:*
    cpe:2.3:a:cloudflare:warp:2022.7.174.0:*:*:*:*:windows:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1386:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1386:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1387:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1387:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1441:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1441:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1442:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1442:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1444:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1444:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1445:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1445:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1467:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1467:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1522:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1522:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1523:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1523:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1563:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1563:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1564:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1564:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1590:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1590:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1591:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1591:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1866:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1866:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1924:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1924:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.1989:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.1989:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.2240:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.2240:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.2.2278:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.2.2278:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.3.58:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.3.58:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.3.206:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.3.206:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.4.27:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.4.27:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.4.34:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.4.34:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.4.106:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.4.106:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.5.148.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.5.148.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.5.207.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.5.207.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.5.294.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.5.294.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.5.463.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.5.463.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:1.6.27.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:1.6.27.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:2021.11.281.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:2021.11.281.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:2021.12.1.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:2021.12.1.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:2022.2.69.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:2022.2.69.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:2022.2.248.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:2022.2.248.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:2022.3.36.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:2022.3.36.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:2022.3.187.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:2022.3.187.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:2022.4.114.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:2022.4.114.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:2022.5.227.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:2022.5.227.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:2022.5.310.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:2022.5.310.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:2022.5.342.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:2022.5.342.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cloudflare:warp:2022.7.175.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cloudflare:warp:2022.7.175.0:*:*:*:*:macos:*:*
CVSS
Base: None
Impact:
Exploitability:
CWE CWE-862
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 31-10-2022 - 16:35
Published 28-10-2022 - 10:15
Last modified 31-10-2022 - 16:35
Back to Top