Add files via upload

2025-08-04 08:44:25 +00:00 · 2022-08-22 10:02:01 +02:00 · 2022-08-22 10:02:01 +02:00 · e4a29af9e2
commit e4a29af9e2
parent c2cb055368
1 changed files with 68 additions and 3 deletions
--- a/2022/2xxx/CVE-2022-2841.json
+++ b/2022/2xxx/CVE-2022-2841.json
@ -4,14 +4,79 @@
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2022-2841",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "TITLE": "CrowdStrike Falcon Uninstallation authorization",
+        "REQUESTER": "cna@vuldb.com",
+        "ASSIGNER": "cna@vuldb.com",
+        "STATE": "PUBLIC"
+    },
+    "generator": "vuldb.com",
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "CrowdStrike",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Falcon",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "6.31.14505.0"
+                                        },
+                                        {
+                                            "version_value": "6.42.15610"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-862 Missing Authorization"
+                    }
+                ]
+            }
+        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A vulnerability was found in CrowdStrike Falcon 6.31.14505.0\/6.42.15610. It has been classified as problematic. Affected is the Uninstallation Handler which makes it possible to circumvent and disable the security feature. The manipulation leads to missing authorization. The identifier of this vulnerability is VDB-206880."
+            }
+        ]
+    },
+    "credit": "Pascal Zenker\/Max Moser",
+    "impact": {
+        "cvss": {
+            "version": "3.1",
+            "baseScore": "2.7",
+            "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:N\/I:N\/A:L"
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https:\/\/www.modzero.com\/modlog\/archives\/2022\/08\/22\/ridiculous_vulnerability_disclosure_process_with_crowdstrike_falcon_sensor\/index.html"
+            },
+            {
+                "url": "https:\/\/www.modzero.com\/advisories\/MZ-22-02-CrowdStrike-FalconSensor.txt"
+            },
+            {
+                "url": "https:\/\/youtu.be\/3If-Fqwx-4s"
+            },
+            {
+                "url": "https:\/\/vuldb.com\/?id.206880"
            }
        ]
    }