admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-31 10:41:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-13xx/CVE-2022-1362.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

154 lines
4.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-1362",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2022-05-17T21:15:08.217",
"lastModified": "2024-11-21T06:40:34.550",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An attacker could abuse this user-controlled data to execute arbitrary commands on the server."
},
{
"lang": "es",
"value": "El cnMaestro On-Premise afectado es vulnerable dentro de una ruta espec\u00edfica en la que un usuario puede cargar un paquete dise\u00f1ado en el sistema. Un atacante podr\u00eda abusar de estos datos controlados por el usuario para ejecutar comandos arbitrarios en el servidor"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"baseScore": 9.3,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cambiumnetworks:cnmaestro:2.4.2:*:*:*:on_premises:*:*:*",
"matchCriteriaId": "93FCE8FD-61FF-4160-9581-C8DD573F5BE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cambiumnetworks:cnmaestro:3.0.0:*:*:*:on_premises:*:*:*",
"matchCriteriaId": "8E2A97A9-FD28-4592-AB4A-E02E007B6CE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cambiumnetworks:cnmaestro:3.0.3:*:*:*:on_premises:*:*:*",
"matchCriteriaId": "105A9A7C-BC84-4332-B3A1-525947CFF0D2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-04",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-04",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink