Lucene search

MitreCVE-2022-31322

HistorySep 13, 2022 - 10:15 p.m.

CVE-2022-31322

2022-09-1322:15:08

CWE-798

mitre

web.nvd.nist.gov

cve-2022-31322

penta security systems inc

wapples v6.0

privilege escalation

suid flagged executables

nvd

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

Percentile

12.6%

JSON

Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to escalate privileges via overwriting files using SUID flagged executables.

Affected configurations

Nvd

Node

pentasecuritywapplesRange5.0.12.0–6.0.r3.4.10

pentasecuritywapplesMatchv6.0.r3.4.10-

pentasecuritywapplesMatchv6.0.r3.4.10hotfix1

VendorProductVersionCPE
pentasecuritywapples*cpe:2.3:a:pentasecurity:wapples:*:*:*:*:*:*:*:*
pentasecuritywapplesv6.0.r3.4.10cpe:2.3:a:pentasecurity:wapples:v6.0.r3.4.10:-:*:*:*:*:*:*
pentasecuritywapplesv6.0.r3.4.10cpe:2.3:a:pentasecurity:wapples:v6.0.r3.4.10:hotfix1:*:*:*:*:*:*

Vendor	Product	Version	CPE
pentasecurity	wapples	*	cpe:2.3:a:pentasecurity:wapples::::::::
pentasecurity	wapples	v6.0.r3.4.10	cpe:2.3:a:pentasecurity:wapples:v6.0.r3.4.10:-::::::
pentasecurity	wapples	v6.0.r3.4.10	cpe:2.3:a:pentasecurity:wapples:v6.0.r3.4.10:hotfix1::::::

References

medium.com/%40_sadshade/wapples-web-application-firewall-multiple-vulnerabilities-35bdee52c8fb

www.pentasecurity.com/product/wapples/

Social References

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.7

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for CVE-2022-31322