Lucene search
MitreCVE-2022-31321HistoryAug 01, 2022 - 8:15 p.m.
CVE-2022-31321
2022-08-0120:15:08
CWE-20
mitre
web.nvd.nist.gov
146
3
cve
2022
31321
input validation
bolt
directory enumeration
dos
nvd
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
AI Score
9
Confidence
High
EPSS
0.002
Percentile
60.0%
The foldername parameter in Bolt 5.1.7 was discovered to have incorrect input validation, allowing attackers to perform directory enumeration or cause a Denial of Service (DoS) via a crafted input.
Affected configurations
Node
boltcmsboltRange≤5.7
Social References
More
Related
cvelist
cvelist
CVE-2022-31321
2022-08-01 19:24:32
prion
prion
Input validation
2022-08-01 20:15:00
nvd
nvd
CVE-2022-31321
2022-08-01 20:15:08
cbl_mariner
cbl_mariner
CVE-2022-31321 affecting package bolt 0.9.2-2
2024-09-21 03:20:41
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
AI Score
9
Confidence
High
EPSS
0.002
Percentile
60.0%
Related for CVE-2022-31321