admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2022/26xxx/CVE-2022-26669.json
CVE Team a14dbf786c
"-Synchronized-Data."
2022-06-20 06:02:22 +00:00

95 lines
2.8 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"AKA": "TWCERT/CC",
"ASSIGNER": "cve@cert.org.tw",
"DATE_PUBLIC": "2022-04-26T05:10:00.000Z",
"ID": "CVE-2022-26669",
"STATE": "PUBLIC",
"TITLE": "ASUS Control Center - SQL Injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Control Center",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.4.2.5"
}
]
}
}
]
},
"vendor_name": "ASUS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ASUS Control Center is vulnerable to SQL injection. An authenticated remote attacker with general user privilege can inject SQL command to specific API parameters to acquire database schema or access data."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-6056-b0d90-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-6056-b0d90-1.html"
}
]
},
"solution": [
{
"lang": "eng",
"value": "Update version to 1.4.3.2"
}
],
"source": {
"advisory": "TVN-202203002",
"discovery": "EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink