Lucene search
IntelCVE-2022-27234HistoryFeb 16, 2023 - 9:15 p.m.
CVE-2022-27234
2023-02-1621:15:11
CWE-918
intel
web.nvd.nist.gov
28
cve-2022-27234
cvat software
server-side request forgery
information disclosure
nvd
intel
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.2
Confidence
High
EPSS
0.001
Percentile
29.1%
Server-side request forgery in the CVAT software maintained by Intelยฎ before version 2.0.1 may allow an authenticated user to potentially enable information disclosure via network access.
Affected configurations
Node
intelcomputer_vision_annotation_toolRange<2.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| intel | computer_vision_annotation_tool | * | cpe:2.3:a:intel:computer_vision_annotation_tool:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "n/a",
"product": "CVAT software maintained by Intel(R)",
"versions": [
{
"version": "before version 2.0.1",
"status": "affected"
}
],
"defaultStatus": "unaffected"
}
]Related
cvelist
cvelist
CVE-2022-27234
2023-02-16 20:00:27
prion
prion
Server side request forgery (ssrf)
2023-02-16 21:15:00
nvd
nvd
CVE-2022-27234
2023-02-16 21:15:11
intel
intel
Computer Vision Annotation Toolย Advisory
2023-02-14 00:00:00
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.2
Confidence
High
EPSS
0.001
Percentile
29.1%
Related for CVE-2022-27234