Lucene search

[email protected]CVE-2022-1277

HistoryJul 29, 2022 - 1:15 p.m.

CVE-2022-1277

2022-07-2913:15:08

CWE-89

[email protected]

web.nvd.nist.gov

cve-2022-1277

inavitas solar log

sql injection

unauthenticated

vulnerability

nvd

9.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

9.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.6%

JSON

Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability.

Affected configurations

NVD

Node

inavitassolar_logRange<1.0

CPENameOperatorVersion
inavitas:solar_loginavitas solar loglt1.0

CPE	Name	Operator	Version
inavitas:solar_log	inavitas solar log	lt	1.0

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Inavitas Solar Log",
    "vendor": "Inavitas",
    "versions": [
      {
        "lessThan": "1.0",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.usom.gov.tr/bildirim/tr-22-0514

Social References

9.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

9.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.6%

JSON

Related for CVE-2022-1277

prion1 cvelist1 nvd1