admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-305xx/CVE-2022-30543.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

149 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-30543",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2022-11-09T18:15:14.983",
"lastModified": "2024-11-21T07:02:54.673",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A leftover debug code vulnerability exists in the console infct functionality of InHand Networks InRouter302 V3.5.45. A specially-crafted series of network requests can lead to execution of privileged operations. An attacker can send a sequence of requests to trigger this vulnerability."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de c\u00f3digo de depuraci\u00f3n sobrante en la funcionalidad de infecci\u00f3n de la consola de InHand Networks InRouter302 V3.5.45. Una serie de solicitudes de red especialmente manipuladas pueden conducir a la ejecuci\u00f3n de operaciones privilegiadas. Un atacante puede enviar una secuencia de solicitudes para desencadenar esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-489"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:inhandnetworks:ir302_firmware:3.5.45:*:*:*:*:*:*:*",
"matchCriteriaId": "CCD75096-9011-4F14-BE6C-B64A187954F0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:inhandnetworks:ir302:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E358655-E442-4D2C-B0B8-03C6780EC55C"
}
]
}
]
}
],
"references": [
{
"url": "https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf",
"source": "talos-cna@cisco.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1519",
"source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://inhandnetworks.com/upload/attachment/202210/25/InHand-PSA-2022-02.pdf",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1519",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink