admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2022/2xxx/CVE-2022-2120.json
CVE Team 456742817b
"-Synchronized-Data."
2022-06-24 15:00:47 +00:00

88 lines
2.8 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2022-06-23T22:19:00.000Z",
"ID": "CVE-2022-2120",
"STATE": "PUBLIC",
"TITLE": "OFFIS DCMTK Path Traversal"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DCMTK",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "3.6.7"
}
]
}
}
]
},
"vendor_name": "OFFIS"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-23 Relative Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-174-01",
"name": "https://www.cisa.gov/uscert/ics/advisories/icsma-22-174-01"
}
]
},
"source": {
"advisory": "ICSMA-22-174-01",
"discovery": "UNKNOWN"
}
}
Reference in New Issue View Git Blame Copy Permalink