admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-46xx/CVE-2022-4636.json
cad-safe-bot 5fc0b01395 Auto-Update: 2024-12-15T03:00:19.262894+00:00
2024-12-15 03:03:56 +00:00

231 lines
6.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-4636",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-01-10T20:15:10.607",
"lastModified": "2024-11-21T07:35:38.497",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Black Box KVM Firmware version 3.4.31307 on models ACR1000A-R-R2, ACR1000A-T-R2, ACR1002A-T, ACR1002A-R, and ACR1020A-T is vulnerable to path traversal, which may allow an attacker to steal user credentials and other sensitive information through local file inclusion.\n\n"
},
{
"lang": "es",
"value": "La versi\u00f3n 3.4.31307 de Black Box KVM Firmware en los modelos ACR1000A-R-R2, ACR1000A-T-R2, ACR1002A-T, ACR1002A-R y ACR1020A-T es vulnerable a path traversal, lo que puede permitir a un atacante robar credenciales de usuario y otra informaci\u00f3n confidencial mediante la inclusi\u00f3n de archivos locales."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:blackbox:acr1000a-r-r2_firmware:3.4.31307:*:*:*:*:*:*:*",
"matchCriteriaId": "64D27D88-2CDC-4EAC-9A39-49F98C560797"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:blackbox:acr1000a-r-r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBCC884-104B-47F4-B08A-72AA0A25E898"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:blackbox:acr1000a-t-r2_firmware:3.4.31307:*:*:*:*:*:*:*",
"matchCriteriaId": "A8435BA5-8175-4651-8949-37F5DA16F534"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:blackbox:acr1000a-t-r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94A9F274-7071-42E0-ABC7-FA2F9595B043"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:blackbox:acr1002a-r_firmware:3.4.31307:*:*:*:*:*:*:*",
"matchCriteriaId": "A20579B5-23B4-4AA6-8E7C-9A3402994BA0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:blackbox:acr1002a-r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60C8325E-05DF-497C-8396-5838530C6807"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:blackbox:acr1002a-t_firmware:3.4.31307:*:*:*:*:*:*:*",
"matchCriteriaId": "00C283C2-B1DB-4EED-B9D5-9FA3E57F14D2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:blackbox:acr1002a-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7F68C48-1D3E-4071-8C42-E4816D43A1A6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:blackbox:acr1020a-t_firmware:3.4.31307:*:*:*:*:*:*:*",
"matchCriteriaId": "05618BE3-FBAB-422A-86BF-78F1FB71032F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:blackbox:acr1020a-t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "955FBC9D-2B5B-4333-9B34-41D19036BD64"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-010-01",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-010-01",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink