VAR-202207-0227
Vulnerability from variot - Updated: 2024-02-13 01:28A vulnerability in the database user privileges of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. This vulnerability is due to insufficient file permission restrictions. An attacker could exploit this vulnerability by sending a crafted command from the API to the application. A successful exploit could allow the attacker to read arbitrary files on the underlying operating system of the affected device. The attacker would need valid user credentials to exploit this vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202207-0227",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unified communications manager",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5\\(1.10000.22\\)"
},
{
"model": "unified communications manager im and presence service",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5\\(1\\)"
},
{
"model": "unified communications manager im and presence service",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "14su2"
},
{
"model": "unified communications manager im and presence service",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "14.0"
},
{
"model": "unified communications manager",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "14.0\\(1.10000.20\\)"
},
{
"model": "unified communications manager",
"scope": "lte",
"trust": 1.0,
"vendor": "cisco",
"version": "11.5\\(1.10000.6\\)"
},
{
"model": "unified communications manager",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "12.5"
},
{
"model": "unified communications manager",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "14.0"
},
{
"model": "cisco unified communications manager",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco unified communications manager im and presence service",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "unified communications manager",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-50625"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016240"
},
{
"db": "NVD",
"id": "CVE-2022-20791"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.5\\(1.10000.22\\)",
"versionStartIncluding": "12.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.0\\(1.10000.20\\)",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.5\\(1.10000.22\\)",
"versionStartIncluding": "12.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.5\\(1.10000.6\\)",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "11.5\\(1.10000.6\\)",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "14.0\\(1.10000.20\\)",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "12.5\\(1\\)",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "14su2",
"versionStartIncluding": "14.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-20791"
}
]
},
"cve": "CVE-2022-20791",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2022-20791",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CNVD-2022-50625",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-405344",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2022-20791",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2022-20791",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "ykramarz@cisco.com",
"id": "CVE-2022-20791",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2022-50625",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202207-435",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-405344",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2022-20791",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-50625"
},
{
"db": "VULHUB",
"id": "VHN-405344"
},
{
"db": "VULMON",
"id": "CVE-2022-20791"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016240"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-435"
},
{
"db": "NVD",
"id": "CVE-2022-20791"
},
{
"db": "NVD",
"id": "CVE-2022-20791"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the database user privileges of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM \u0026amp; Presence Service (Unified CM IM\u0026amp;P) could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. This vulnerability is due to insufficient file permission restrictions. An attacker could exploit this vulnerability by sending a crafted command from the API to the application. A successful exploit could allow the attacker to read arbitrary files on the underlying operating system of the affected device. The attacker would need valid user credentials to exploit this vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-20791"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016240"
},
{
"db": "CNVD",
"id": "CNVD-2022-50625"
},
{
"db": "VULHUB",
"id": "VHN-405344"
},
{
"db": "VULMON",
"id": "CVE-2022-20791"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-20791",
"trust": 4.0
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016240",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2022-50625",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2022.3302",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022070621",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202207-435",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-405344",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2022-20791",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-50625"
},
{
"db": "VULHUB",
"id": "VHN-405344"
},
{
"db": "VULMON",
"id": "CVE-2022-20791"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016240"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-435"
},
{
"db": "NVD",
"id": "CVE-2022-20791"
}
]
},
"id": "VAR-202207-0227",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-50625"
},
{
"db": "VULHUB",
"id": "VHN-405344"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-50625"
}
]
},
"last_update_date": "2024-02-13T01:28:57.737000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-cucm-imp-afr-YBFLNyzd",
"trust": 0.8,
"url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-cucm-imp-afr-ybflnyzd"
},
{
"title": "Patch for Arbitrary File Read Vulnerability in Cisco Unified Communications Manager",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/338886"
},
{
"title": "Cisco Unified Communications Manager Repair measures for path traversal vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=199988"
},
{
"title": "Cisco: Cisco Unified Communications Products Arbitrary File Read Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-cucm-imp-afr-ybflnyzd"
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305 "
},
{
"title": "CVE-2022-XXXX",
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-rce "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-50625"
},
{
"db": "VULMON",
"id": "CVE-2022-20791"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016240"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-435"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.1
},
{
"problemtype": "Path traversal (CWE-22) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-405344"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016240"
},
{
"db": "NVD",
"id": "CVE-2022-20791"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-cucm-imp-afr-ybflnyzd"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-20791"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-20791/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022070621"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/cisco-unified-communications-manager-file-reading-38744"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.3302"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/22.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/alphabugx/cve-2022-23305"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-50625"
},
{
"db": "VULHUB",
"id": "VHN-405344"
},
{
"db": "VULMON",
"id": "CVE-2022-20791"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016240"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-435"
},
{
"db": "NVD",
"id": "CVE-2022-20791"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-50625"
},
{
"db": "VULHUB",
"id": "VHN-405344"
},
{
"db": "VULMON",
"id": "CVE-2022-20791"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-016240"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-435"
},
{
"db": "NVD",
"id": "CVE-2022-20791"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-50625"
},
{
"date": "2022-07-06T00:00:00",
"db": "VULHUB",
"id": "VHN-405344"
},
{
"date": "2022-07-06T00:00:00",
"db": "VULMON",
"id": "CVE-2022-20791"
},
{
"date": "2023-10-03T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-016240"
},
{
"date": "2022-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-435"
},
{
"date": "2022-07-06T21:15:11.497000",
"db": "NVD",
"id": "CVE-2022-20791"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-09T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-50625"
},
{
"date": "2022-07-14T00:00:00",
"db": "VULHUB",
"id": "VHN-405344"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2022-20791"
},
{
"date": "2023-10-03T06:25:00",
"db": "JVNDB",
"id": "JVNDB-2022-016240"
},
{
"date": "2022-07-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-435"
},
{
"date": "2023-11-07T03:42:57.940000",
"db": "NVD",
"id": "CVE-2022-20791"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-435"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural \u00a0Cisco\u00a0 Past traversal vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-016240"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-435"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…