Search criteria
6 vulnerabilities found for freshservice_agent by freshworks
FKIE_CVE-2022-36173
Vulnerability from fkie_nvd - Published: 2022-09-12 21:15 - Updated: 2024-11-21 07:12
Severity ?
Summary
FreshService macOS Agent < 4.4.0 and FreshServce Linux Agent < 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://public-exposure.inform.social/post/integrity-checking/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://public-exposure.inform.social/post/integrity-checking/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freshworks | freshservice_agent | * | |
| freshworks | freshservice_agent | * | |
| freshworks | freshservice_agent | * | |
| freshworks | freshservice_probe | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freshworks:freshservice_agent:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "491AEC28-58CA-40B4-9677-F4BCF0E455F8",
"versionEndExcluding": "2.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freshworks:freshservice_agent:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "5F5F9F51-31C9-416D-AA36-A27CF2EA4445",
"versionEndExcluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freshworks:freshservice_agent:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "45CF8304-09E1-4537-9787-6A6C3988C531",
"versionEndExcluding": "4.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freshworks:freshservice_probe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC53AFD-4E3C-4D03-81B5-96F8C6FB9521",
"versionEndExcluding": "4.11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreshService macOS Agent \u003c 4.4.0 and FreshServce Linux Agent \u003c 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service."
},
{
"lang": "es",
"value": "FreshService macOS Agent versiones anteriores a 4.4.0 y FreshServce Linux Agent versiones anteriores a 3.4.0, son vulnerables a un TLS de tipo Man-in-The-Middle por medio del cliente FreshAgent y el servicio de actualizaci\u00f3n programada"
}
],
"id": "CVE-2022-36173",
"lastModified": "2024-11-21T07:12:32.810",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-12T21:15:10.687",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://public-exposure.inform.social/post/integrity-checking/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://public-exposure.inform.social/post/integrity-checking/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-36174
Vulnerability from fkie_nvd - Published: 2022-09-12 21:15 - Updated: 2024-11-21 07:12
Severity ?
Summary
FreshService Windows Agent < 2.11.0 and FreshService macOS Agent < 4.2.0 and FreshService Linux Agent < 3.3.0. are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent | Release Notes, Vendor Advisory | |
| cve@mitre.org | https://public-exposure.inform.social/post/integrity-checking/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://public-exposure.inform.social/post/integrity-checking/ | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| freshworks | freshservice_agent | * | |
| freshworks | freshservice_agent | * | |
| freshworks | freshservice_agent | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:freshworks:freshservice_agent:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "D07617AE-F2AA-4350-B72C-7722B044BE11",
"versionEndExcluding": "2.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freshworks:freshservice_agent:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "582E21BB-A20A-4BF9-95EF-1F9ADBE4D929",
"versionEndExcluding": "3.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:freshworks:freshservice_agent:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "FFB6F154-38ED-4CAA-BDE6-9B8EBCEA051B",
"versionEndExcluding": "4.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreshService Windows Agent \u003c 2.11.0 and FreshService macOS Agent \u003c 4.2.0 and FreshService Linux Agent \u003c 3.3.0. are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service."
},
{
"lang": "es",
"value": "FreshService Windows Agent versiones anteriores a 2.11.0 y FreshService macOS Agent versiones anteriores a 4.2.0 y FreshService Linux Agent versiones anteriores a 3.3.0. son vulnerables a una comprobaci\u00f3n de integridad rota por medio del cliente FreshAgent y el servicio de actualizaci\u00f3n programada"
}
],
"id": "CVE-2022-36174",
"lastModified": "2024-11-21T07:12:33.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-09-12T21:15:10.763",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://public-exposure.inform.social/post/integrity-checking/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://public-exposure.inform.social/post/integrity-checking/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-354"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-36173 (GCVE-0-2022-36173)
Vulnerability from cvelistv5 – Published: 2022-09-12 20:56 – Updated: 2024-08-03 10:00
VLAI?
Summary
FreshService macOS Agent < 4.4.0 and FreshServce Linux Agent < 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://public-exposure.inform.social/post/integrity-checking/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FreshService macOS Agent \u003c 4.4.0 and FreshServce Linux Agent \u003c 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-12T20:56:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://public-exposure.inform.social/post/integrity-checking/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36173",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FreshService macOS Agent \u003c 4.4.0 and FreshServce Linux Agent \u003c 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent",
"refsource": "MISC",
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"name": "https://public-exposure.inform.social/post/integrity-checking/",
"refsource": "MISC",
"url": "https://public-exposure.inform.social/post/integrity-checking/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36173",
"datePublished": "2022-09-12T20:56:05",
"dateReserved": "2022-07-18T00:00:00",
"dateUpdated": "2024-08-03T10:00:04.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36174 (GCVE-0-2022-36174)
Vulnerability from cvelistv5 – Published: 2022-09-12 20:55 – Updated: 2024-08-03 10:00
VLAI?
Summary
FreshService Windows Agent < 2.11.0 and FreshService macOS Agent < 4.2.0 and FreshService Linux Agent < 3.3.0. are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://public-exposure.inform.social/post/integrity-checking/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FreshService Windows Agent \u003c 2.11.0 and FreshService macOS Agent \u003c 4.2.0 and FreshService Linux Agent \u003c 3.3.0. are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-12T20:55:52",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://public-exposure.inform.social/post/integrity-checking/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36174",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FreshService Windows Agent \u003c 2.11.0 and FreshService macOS Agent \u003c 4.2.0 and FreshService Linux Agent \u003c 3.3.0. are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent",
"refsource": "MISC",
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"name": "https://public-exposure.inform.social/post/integrity-checking/",
"refsource": "MISC",
"url": "https://public-exposure.inform.social/post/integrity-checking/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36174",
"datePublished": "2022-09-12T20:55:52",
"dateReserved": "2022-07-18T00:00:00",
"dateUpdated": "2024-08-03T10:00:04.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36173 (GCVE-0-2022-36173)
Vulnerability from nvd – Published: 2022-09-12 20:56 – Updated: 2024-08-03 10:00
VLAI?
Summary
FreshService macOS Agent < 4.4.0 and FreshServce Linux Agent < 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://public-exposure.inform.social/post/integrity-checking/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FreshService macOS Agent \u003c 4.4.0 and FreshServce Linux Agent \u003c 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-12T20:56:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://public-exposure.inform.social/post/integrity-checking/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36173",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FreshService macOS Agent \u003c 4.4.0 and FreshServce Linux Agent \u003c 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent",
"refsource": "MISC",
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"name": "https://public-exposure.inform.social/post/integrity-checking/",
"refsource": "MISC",
"url": "https://public-exposure.inform.social/post/integrity-checking/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36173",
"datePublished": "2022-09-12T20:56:05",
"dateReserved": "2022-07-18T00:00:00",
"dateUpdated": "2024-08-03T10:00:04.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36174 (GCVE-0-2022-36174)
Vulnerability from nvd – Published: 2022-09-12 20:55 – Updated: 2024-08-03 10:00
VLAI?
Summary
FreshService Windows Agent < 2.11.0 and FreshService macOS Agent < 4.2.0 and FreshService Linux Agent < 3.3.0. are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://public-exposure.inform.social/post/integrity-checking/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "FreshService Windows Agent \u003c 2.11.0 and FreshService macOS Agent \u003c 4.2.0 and FreshService Linux Agent \u003c 3.3.0. are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-12T20:55:52",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://public-exposure.inform.social/post/integrity-checking/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36174",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FreshService Windows Agent \u003c 2.11.0 and FreshService macOS Agent \u003c 4.2.0 and FreshService Linux Agent \u003c 3.3.0. are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent",
"refsource": "MISC",
"url": "https://community.freshworks.com/product-updates/freshservice-release-notes-april-2022-23982#Security+updates:+Discovery+Probe+and+Discovery+Agent"
},
{
"name": "https://public-exposure.inform.social/post/integrity-checking/",
"refsource": "MISC",
"url": "https://public-exposure.inform.social/post/integrity-checking/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36174",
"datePublished": "2022-09-12T20:55:52",
"dateReserved": "2022-07-18T00:00:00",
"dateUpdated": "2024-08-03T10:00:04.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}