admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-374xx/CVE-2022-37439.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

139 lines
4.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-37439",
"sourceIdentifier": "prodsec@splunk.com",
"published": "2022-08-16T21:15:13.637",
"lastModified": "2022-08-18T19:11:51.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In Splunk Enterprise and Universal Forwarder versions in the following table, indexing a specially crafted ZIP file using the file monitoring input can result in a crash of the application. Attempts to restart the application would result in a crash and would require manually removing the malformed file."
},
{
"lang": "es",
"value": "En las versiones de Splunk Enterprise y Universal Forwarder de la siguiente tabla, la indexaci\u00f3n de un archivo ZIP especialmente dise\u00f1ado mediante la entrada de monitorizaci\u00f3n de archivos puede resultar en un bloqueo de la aplicaci\u00f3n. Los intentos de reiniciar la aplicaci\u00f3n resultar\u00edan en un bloqueo y requerir\u00edan la eliminaci\u00f3n manual del archivo malformado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "prodsec@splunk.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "prodsec@splunk.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-409"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "8.1.0",
"versionEndExcluding": "8.1.11",
"matchCriteriaId": "52EBCCF6-0276-4B2C-9068-53864A39265F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "8.2.0",
"versionEndExcluding": "8.2.7.1",
"matchCriteriaId": "07E949C3-48BB-4D7F-98A2-B078E7A75F1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.1.0",
"versionEndExcluding": "8.1.11",
"matchCriteriaId": "2479E06A-3859-4BD2-B6A4-27F664ABD800"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.2.0",
"versionEndExcluding": "8.2.7.1",
"matchCriteriaId": "8FCE9486-B97A-49C6-A269-80CE96EBCC09"
}
]
}
]
}
],
"references": [
{
"url": "https://research.splunk.com/application/b237d393-2f57-4531-aad7-ad3c17c8b041",
"source": "prodsec@splunk.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.splunk.com/en_us/product-security/announcements/svd-2022-0803.html",
"source": "prodsec@splunk.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink