{ "id": "CVE-2022-1289", "sourceIdentifier": "cna@vuldb.com", "published": "2022-04-10T16:15:07.847", "lastModified": "2023-03-07T22:38:43.943", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A denial of service vulnerability was found in tildearrow Furnace. It has been classified as problematic. This is due to an incomplete fix of CVE-2022-1211. It is possible to initiate the attack remotely but it requires user interaction. The issue got fixed with the patch 0eb02422d5161767e9983bdaa5c429762d3477ce." }, { "lang": "es", "value": "Se ha encontrado una vulnerabilidad de denegaci\u00f3n de servicio en tildearrow Furnace. Ha sido clasificada como problem\u00e1tica. Esto es debido a una correcci\u00f3n incompleta de CVE-2022-1211. Es posible iniciar el ataque de forma remota, pero requiere una interacci\u00f3n del usuario. El problema ha sido corregido con el parche 0eb02422d5161767e9983bdaa5c429762d3477ce" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, "impactScore": 3.6 }, { "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, "impactScore": 1.4 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] }, { "source": "cna@vuldb.com", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-404" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CFFA314-6943-4498-B845-E1A1ABCE4E31" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E015EA7E-4720-4757-96E9-5260CFBC1043" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E776BB42-A08E-4F3C-947D-332DCB2CBF88" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "051B2A23-EDCF-4539-9CA8-E5714F6F6DF4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "FDE66467-B30B-4B77-BB41-6A4C647E457B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D42E6328-AF1D-45D9-9DBB-382E8EDE3E40" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "E76E15CA-9D90-4B4C-B987-E8608AA60236" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "F20B01FD-07A2-4D09-AAE5-11E464D4454B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "50763220-BBF6-4CB5-8E05-150B53714F61" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "AAB16783-A272-4E66-AF78-17B024DCEA88" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "6689F024-5C0F-42DC-B048-20268EBE49AA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "6BC4CEB4-803F-4D09-905C-270617E56336" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.4.5:real:*:*:*:*:*:*", "matchCriteriaId": "7ADEB444-C64D-48EF-8F4E-BA88BD8509B5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "B0A54674-881E-4448-83A8-9FF06E58ECCD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "7F8660DE-0B05-48C0-80D5-970EFA31E9F6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "8CDBEA41-070A-43B9-A2C6-C168D3C70AE7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "76BA3B0D-EDC6-4B79-8DDC-09360E93F6C8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B25DEC4B-7531-40D8-B476-7C9FE8762515" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "8BA49882-11C5-4F54-AEEE-415F3DC68406" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "198DFD86-6858-41F0-8AA5-CC85F1A27E92" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "767CA8B0-9454-4F06-A12E-D7C4555E8BBC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "E33824AB-E32F-4F82-9E51-138B3183DA80" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.5.7:-:*:*:*:*:*:*", "matchCriteriaId": "541CF21B-7719-42CB-97F1-CB7AF2F77FA9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.5.7:pre4:*:*:*:*:*:*", "matchCriteriaId": "CD522023-C8DF-4BEA-911F-DE65428FCF34" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "B8952D4C-334E-43D6-B6B8-0E9EC7F2253B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:0.6:pre0:*:*:*:*:*:*", "matchCriteriaId": "3F99C267-EA7C-4ADA-8BE9-7E51D143B5E3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev5:*:*:*:*:*:*:*", "matchCriteriaId": "73F24C96-A83E-4F53-B852-9262C7CFC387" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev6:*:*:*:*:*:*:*", "matchCriteriaId": "9B5A5017-B4F4-480E-9CED-ADF09100A4F6" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev7:*:*:*:*:*:*:*", "matchCriteriaId": "A726A198-CBBD-4FAE-B3D7-C51F0F3D10B7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev8:*:*:*:*:*:*:*", "matchCriteriaId": "05E6200E-5061-4F71-9FD8-E19F9F6D2557" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev9:*:*:*:*:*:*:*", "matchCriteriaId": "9934631B-564C-4823-B509-75DA02940CB9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev10:*:*:*:*:*:*:*", "matchCriteriaId": "2FEAE377-ED50-4A3B-971A-BDB1780EE242" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev62:*:*:*:*:*:*:*", "matchCriteriaId": "065CEC21-3C18-476F-B714-E2F20233F296" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev63:*:*:*:*:*:*:*", "matchCriteriaId": "9D67EC62-0FFD-4951-BA17-633DCD5C65C8" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev64:*:*:*:*:*:*:*", "matchCriteriaId": "87E9A121-6A91-4636-8453-3CFC6FA24B56" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev65:*:*:*:*:*:*:*", "matchCriteriaId": "67EFBF91-2CF9-4095-B8DF-425AE1917A25" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev66:*:*:*:*:*:*:*", "matchCriteriaId": "C1D41EEE-621B-4366-9097-27EF1472B38A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev67:*:*:*:*:*:*:*", "matchCriteriaId": "7CAF3983-5034-4095-9221-C464EBE6A0D0" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev68:*:*:*:*:*:*:*", "matchCriteriaId": "A145138D-19AB-4290-B145-DBB9DFB025D1" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev69:*:*:*:*:*:*:*", "matchCriteriaId": "3F812509-1F77-4024-85EB-CDD325BFCE6F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev70:*:*:*:*:*:*:*", "matchCriteriaId": "F60A5D1D-4B4C-4B67-B541-A5F14ACB820A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev71:*:*:*:*:*:*:*", "matchCriteriaId": "45C270A3-E380-4022-861D-6697DB73D895" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev72:*:*:*:*:*:*:*", "matchCriteriaId": "7A015763-407E-4283-9A39-4CFB9D699110" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev73:*:*:*:*:*:*:*", "matchCriteriaId": "48D91A45-1102-4081-BBEC-ED6CD9DF6689" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev75:*:*:*:*:*:*:*", "matchCriteriaId": "7F9BFF65-6CB4-4466-B8C1-3584FEBCB626" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev76:*:*:*:*:*:*:*", "matchCriteriaId": "CDB48FE2-3476-4180-8754-724A153DF5C5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev77:*:*:*:*:*:*:*", "matchCriteriaId": "0B8C8373-5E16-493C-B736-26C2676782D7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev78:*:*:*:*:*:*:*", "matchCriteriaId": "37EF1C85-71ED-4592-AF40-88CA608761F3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev79:*:*:*:*:*:*:*", "matchCriteriaId": "73FED9B5-3C85-4C59-B2F7-AC96439A52D9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:tildearrow:furnace:dev80:*:*:*:*:*:*:*", "matchCriteriaId": "E53F9DDD-249D-4BD1-8AC9-D361508E8487" } ] } ] } ], "references": [ { "url": "https://github.com/tildearrow/furnace/commit/0eb02422d5161767e9983bdaa5c429762d3477ce", "source": "cna@vuldb.com", "tags": [ "Patch", "Third Party Advisory" ] }, { "url": "https://github.com/tildearrow/furnace/issues/325#issuecomment-1094139655", "source": "cna@vuldb.com", "tags": [ "Exploit", "Issue Tracking", "Third Party Advisory" ] }, { "url": "https://vuldb.com/?id.196755", "source": "cna@vuldb.com", "tags": [ "Third Party Advisory" ] } ] }