admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-453xx/CVE-2022-45338.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

177 lines
6.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-45338",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-12-15T23:15:10.407",
"lastModified": "2024-11-21T07:29:04.150",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability in the profile picture upload function of Exact Synergy Enterprise 267 before 267SP13 and Exact Synergy Enterprise 500 before 500SP6 allows attackers to execute arbitrary code via a crafted SVG file."
},
{
"lang": "es",
"value": "Una vulnerabilidad de carga de archivos arbitrarios en la funci\u00f3n de carga de im\u00e1genes de perfil de Exact Synergy Enterprise 267 anterior a 267SP13 y Exact Synergy Enterprise 500 anterior a 500SP6 permite a los atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo SVG dise\u00f1ado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:267:-:*:*:enterprise:*:*:*",
"matchCriteriaId": "6BA9DEEE-EDE4-4B1A-8DB9-9E96CCA42489"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:267:sp1:*:*:enterprise:*:*:*",
"matchCriteriaId": "B8F09D5D-C529-496B-ADB1-123C5A66AFB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:267:sp10:*:*:enterprise:*:*:*",
"matchCriteriaId": "ABC81240-9458-4624-A4C1-2CB8C665E969"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:267:sp11:*:*:enterprise:*:*:*",
"matchCriteriaId": "EDA14DD6-A17B-43FE-BA45-290A86418210"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:267:sp12:*:*:enterprise:*:*:*",
"matchCriteriaId": "DD5E6FA6-C252-4078-AE10-CABBDDDFDF9B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:267:sp2:*:*:enterprise:*:*:*",
"matchCriteriaId": "3B33AF72-27CE-4C6A-A5C0-5ACB4B043E54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:267:sp3:*:*:enterprise:*:*:*",
"matchCriteriaId": "581CA5AA-E6AB-4693-A01B-23B6BD79CA6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:267:sp4:*:*:enterprise:*:*:*",
"matchCriteriaId": "EE3AE6F3-4BB4-4BF1-8FBA-2FEE539F81FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:267:sp5:*:*:enterprise:*:*:*",
"matchCriteriaId": "046D0970-3A43-49ED-AFFD-DADECA360E20"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:267:sp6:*:*:enterprise:*:*:*",
"matchCriteriaId": "578F3276-2E44-4113-A00C-92486630438E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:267:sp7:*:*:enterprise:*:*:*",
"matchCriteriaId": "1287BF67-6237-4883-A05E-7A227DFCD686"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:267:sp8:*:*:enterprise:*:*:*",
"matchCriteriaId": "DBD1500E-CEAC-4894-9ED1-F884D174FB70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:267:sp9:*:*:enterprise:*:*:*",
"matchCriteriaId": "9D704BBC-1AA2-46DD-8E3E-FD1720032948"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:500:-:*:*:enterprise:*:*:*",
"matchCriteriaId": "C1ABB366-F082-4F82-A498-51AFA46D3EE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:500:sp1:*:*:enterprise:*:*:*",
"matchCriteriaId": "3AEFEF28-980E-4716-8649-4D379C637BC5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:500:sp2:*:*:enterprise:*:*:*",
"matchCriteriaId": "CA664DB4-D7F1-4B55-97CB-B20AD6BDB78F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:500:sp3:*:*:enterprise:*:*:*",
"matchCriteriaId": "AF9E5DB4-1DBC-4619-BDB9-2E519E3103EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:500:sp4:*:*:enterprise:*:*:*",
"matchCriteriaId": "986FA7D8-EA82-4A33-93E2-47EEBD1257DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exactsoftware:exact_synergy:500:sp5:*:*:enterprise:*:*:*",
"matchCriteriaId": "BB8D464E-7A36-456A-8C3D-D077B3F62DD2"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/MaxRozendaal/633b34a4675b60caed736e5ffe28f272",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://gist.github.com/MaxRozendaal/633b34a4675b60caed736e5ffe28f272",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink