admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-26xx/CVE-2022-2653.json
cad-safe-bot 5fc0b01395 Auto-Update: 2024-12-15T03:00:19.262894+00:00
2024-12-15 03:03:56 +00:00

132 lines
3.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-2653",
"sourceIdentifier": "security@huntr.dev",
"published": "2022-08-04T10:15:08.060",
"lastModified": "2024-11-21T07:01:26.927",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "With this vulnerability an attacker can read many sensitive files like configuration files, or the /proc/self/environ file, that contains the environment variable used by the web server that includes database credentials. If the web server user is root, an attacker will be able to read any file in the system."
},
{
"lang": "es",
"value": "Con esta vulnerabilidad un atacante puede leer muchos archivos confidenciales como los archivos de configuraci\u00f3n, o el archivo /proc/self/environ, que contiene la variable de entorno usada por el servidor web que incluye las credenciales de la base de datos. Si el usuario del servidor web es root, un atacante podr\u00e1 leer cualquier archivo del sistema"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:planka:planka:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.5.1",
"matchCriteriaId": "5F2CB549-0F44-4B52-8130-E1A385F24A4A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418",
"source": "security@huntr.dev",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70",
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/plankanban/planka/commit/ac1df5201dfdaf68d37f7e1b272bc137870d7418",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://huntr.dev/bounties/5dff7cf9-8bb2-4f67-a02d-b94db5009d70",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink