Lucene search

[email protected]CVE-2022-30187

HistoryJul 12, 2022 - 11:15 p.m.

CVE-2022-30187

2022-07-1223:15:10

CWE-327

[email protected]

web.nvd.nist.gov

azure

storage

library

info

disclosure

vulnerability

cve-2022-30187

nvd

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

4.7 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

18.0%

JSON

Azure Storage Library Information Disclosure Vulnerability

Affected configurations

Vulners

NVD

Node

microsoftazure_storage_blobsRange12.0.0–12.13.0.net

microsoftazure_storage_queueRange12.0.0–12.13.0.net

microsoftazure_storage_blobsRange12.0.0–12.18.0java

microsoftazure_storage_queueRange12.0.0–12.4.0python

microsoftazure_storage_blobsRange12.0.0–12.13.0python

VendorProductVersionCPE
microsoftazure_storage_blobs*cpe:2.3:a:microsoft:azure_storage_blobs:*:*:*:*:.net:*:*:*
microsoftazure_storage_queue*cpe:2.3:a:microsoft:azure_storage_queue:*:*:*:*:.net:*:*:*
microsoftazure_storage_blobs*cpe:2.3:a:microsoft:azure_storage_blobs:*:*:*:*:java:*:*:*
microsoftazure_storage_queue*cpe:2.3:a:microsoft:azure_storage_queue:*:*:*:*:python:*:*:*
microsoftazure_storage_blobs*cpe:2.3:a:microsoft:azure_storage_blobs:*:*:*:*:python:*:*:*

Vendor	Product	Version	CPE
microsoft	azure_storage_blobs	*	cpe:2.3:a:microsoft:azure_storage_blobs:::::.net:::*
microsoft	azure_storage_queue	*	cpe:2.3:a:microsoft:azure_storage_queue:::::.net:::*
microsoft	azure_storage_blobs	*	cpe:2.3:a:microsoft:azure_storage_blobs:::::java:::*
microsoft	azure_storage_queue	*	cpe:2.3:a:microsoft:azure_storage_queue:::::python:::*
microsoft	azure_storage_blobs	*	cpe:2.3:a:microsoft:azure_storage_blobs:::::python:::*

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "Azure Storage Blobs client library for .NET",
    "cpes": [
      "cpe:2.3:a:microsoft:azure_storage_blobs:*:*:*:*:*:.net:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "12.0.0",
        "lessThan": "12.13.0",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Azure Storage Queues client library for .NET",
    "cpes": [
      "cpe:2.3:a:microsoft:azure_storage_queue:*:*:*:*:*:.net:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "12.0.0",
        "lessThan": "12.13.0",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Azure Storage Blobs client library for Java",
    "cpes": [
      "cpe:2.3:a:microsoft:azure_storage_blobs:*:*:*:*:*:java:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "12.0.0",
        "lessThan": "12.18.0",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Azure Storage Queues client library for Python",
    "cpes": [
      "cpe:2.3:a:microsoft:azure_storage_blobs:*:*:*:*:*:python:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "12.0.0",
        "lessThan": "12.4.0",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Azure Storage Blobs client library for Python",
    "cpes": [
      "cpe:2.3:a:microsoft:azure_storage_blobs:*:*:*:*:*:python:*:*"
    ],
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "12.0.0",
        "lessThan": "12.13.0",
        "versionType": "custom",
        "status": "affected"
      }
    ]
  }
]