cvelist/2022/0xxx/CVE-2022-0357.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2022-0357",
        "ASSIGNER": "cve-requests@bitdefender.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM.\n\nThis issue affects:\n\nBitdefender Total Security\nversions prior to 26.0.10.45.\nBitdefender Internet Security\nversions prior to 26.0.10.45.\nBitdefender Antivirus Plus\nversions prior to 26.0.10.45."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-428 Unquoted Search Path or Element",
                        "cweId": "CWE-428"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Bitdefender",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Total Security",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "26.0.10.45"
                                        }
                                    ]
                                }
                            },
                            {
                                "product_name": "Internet Security",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "26.0.10.45"
                                        }
                                    ]
                                }
                            },
                            {
                                "product_name": "Antivirus Plus",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "26.0.10.45"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security",
                "refsource": "MISC",
                "name": "https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security"
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.1.0-dev"
    },
    "source": {
        "defect": [
            "VA-10294"
        ],
        "discovery": "EXTERNAL"
    },
    "solution": [
        {
            "lang": "en",
            "supportingMedia": [
                {
                    "base64": false,
                    "type": "text/html",
                    "value": "An automatic update to version 26.0.10.45 or higher fixes the issue.<br>"
                }
            ],
            "value": "An automatic update to version 26.0.10.45 or higher fixes the issue.\n"
        }
    ],
    "impact": {
        "cvss": [
            {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
            }
        ]
    }
}
"-Synchronized-Data." 2022-01-25 09:01:13 +00:00			`{`
"-Synchronized-Data." 2023-05-24 08:00:37 +00:00			`"data_version": "4.0",`
"-Synchronized-Data." 2022-01-25 09:01:13 +00:00			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2022-0357",`
"-Synchronized-Data." 2023-05-24 08:00:37 +00:00			`"ASSIGNER": "cve-requests@bitdefender.com",`
			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2022-01-25 09:01:13 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2023-05-24 08:00:37 +00:00			`"value": "Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM.\n\nThis issue affects:\n\nBitdefender Total Security\nversions prior to 26.0.10.45.\nBitdefender Internet Security\nversions prior to 26.0.10.45.\nBitdefender Antivirus Plus\nversions prior to 26.0.10.45."`
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "CWE-428 Unquoted Search Path or Element",`
			`"cweId": "CWE-428"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "Bitdefender",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Total Security",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_affected": "=",`
			`"version_value": "26.0.10.45"`
			`}`
			`]`
			`}`
			`},`
			`{`
			`"product_name": "Internet Security",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_affected": "=",`
			`"version_value": "26.0.10.45"`
			`}`
			`]`
			`}`
			`},`
			`{`
			`"product_name": "Antivirus Plus",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_affected": "=",`
			`"version_value": "26.0.10.45"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security",`
			`"refsource": "MISC",`
			`"name": "https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security"`
			`}`
			`]`
			`},`
			`"generator": {`
			`"engine": "Vulnogram 0.1.0-dev"`
			`},`
			`"source": {`
			`"defect": [`
			`"VA-10294"`
			`],`
			`"discovery": "EXTERNAL"`
			`},`
			`"solution": [`
			`{`
			`"lang": "en",`
			`"supportingMedia": [`
			`{`
			`"base64": false,`
			`"type": "text/html",`
			`"value": "An automatic update to version 26.0.10.45 or higher fixes the issue.<br>"`
			`}`
			`],`
			`"value": "An automatic update to version 26.0.10.45 or higher fixes the issue.\n"`
			`}`
			`],`
			`"impact": {`
			`"cvss": [`
			`{`
			`"attackComplexity": "LOW",`
			`"attackVector": "LOCAL",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 6.7,`
			`"baseSeverity": "MEDIUM",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"privilegesRequired": "HIGH",`
			`"scope": "UNCHANGED",`
			`"userInteraction": "NONE",`
			`"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",`
			`"version": "3.1"`
"-Synchronized-Data." 2022-01-25 09:01:13 +00:00			`}`
			`]`
			`}`
			`}`