Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2022-23228
CVE-2022-23228:
Pexip Infinity Management Node vulnerability analysis and mitigation
Overview
CVE-2022-23228 affects Pexip Infinity versions before 27.0. The vulnerability involves improper WebRTC input validation that allows an unauthenticated remote attacker to use excessive resources, temporarily causing denial of service (MITRE CVE, Pexip Docs).
Technical details
The vulnerability stems from improper validation of WebRTC input in Pexip Infinity's implementation. When exploited, it allows attackers to consume excessive system resources through malformed WebRTC inputs (MITRE CVE).
Impact
The primary impact of this vulnerability is temporary denial of service through resource exhaustion. When successfully exploited, an attacker can cause the system to consume excessive resources, potentially affecting service availability for legitimate users (MITRE CVE).
Mitigation and workarounds
The vulnerability was addressed in Pexip Infinity version 27.0. The recommended mitigation is to upgrade to version 27.0 or later to resolve the WebRTC input validation issue (Pexip Docs).
Additional resources
Source: This report was generated using AI
Related Pexip Infinity Management Node vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management