admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-12-28 22:00:41 +00:00
parent a5c75908b4
commit a0f9852b41
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
1 changed files with 60 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
2022/1xxx/CVE-2022-1958.json
View File

@ -1,20 +1,42 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1958",
"TITLE": "FileCloud NTFS access control",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"generator": "vuldb.com",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as critical has been found in FileCloud. Affected is an unknown function of the component NTFS Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. Upgrading to version 21.3.5.18513 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-201960."
},
{
"lang": "deu",
"value": "Es wurde eine kritische Schwachstelle in FileCloud entdeckt. Es betrifft eine unbekannte Funktion der Komponente NTFS Handler. Dank der Manipulation mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Ein Aktualisieren auf die Version 21.3.5.18513 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Controls",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "",
"vendor_name": "n/a",
"product": {
"product_data": [
{
@ -22,7 +44,8 @@
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "n/a",
"version_affected": "="
}
]
}
@ -33,34 +56,6 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Controls"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as critical has been found in FileCloud. Affected is the NTFS handler which leads to improper access controls. It is possible to launch the attack remotely but it demands some form of authentication. Upgrading to version 21.3.5.18513 is able to address this issue. It is recommended to upgrade the affected component."
}
]
},
"credit": "Andrea Hauser/Ralph Meier",
"impact": {
"cvss": {
"version": "3.1",
"baseScore": "6.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
@ -77,6 +72,37 @@
"url": "https://www.scip.ch/?news.20220615",
"refsource": "MISC",
"name": "https://www.scip.ch/?news.20220615"
},
{
"url": "https://vuldb.com/?ctiid.201960",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.201960"
}
]
},
"credits": [
{
"lang": "en",
"value": "Andrea Hauser"
},
{
"lang": "en",
"value": "Ralph Meier"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
}
]
}