Lucene search
MitreCVE-2022-34115HistoryJul 22, 2022 - 11:15 p.m.
CVE-2022-34115
2022-07-2223:15:08
CWE-434
mitre
web.nvd.nist.gov
42
5
dataease
v1.11.1
arbitrary file write vulnerability
datasourceid
cve-2022-34115
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
59.8%
DataEase v1.11.1 was discovered to contain a arbitrary file write vulnerability via the parameter dataSourceId.
Affected configurations
Node
dataease_projectdataeaseMatch1.11.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dataease_project | dataease | 1.11.1 | cpe:2.3:a:dataease_project:dataease:1.11.1:*:*:*:*:*:*:* |
Social References
More
Related
cvelist
cvelist
CVE-2022-34115
2022-07-22 22:16:54
nvd
nvd
CVE-2022-34115
2022-07-22 23:15:08
osv
osv
CVE-2022-34115
2022-07-22 23:15:08
Dataease v1.11.1 SQL Injection via parameter dataSourceId
2022-07-23 00:00:15
prion
prion
Arbitrary file deletion
2022-07-22 23:15:00
github
github
Dataease v1.11.1 SQL Injection via parameter dataSourceId
2022-07-23 00:00:15
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
59.8%
Related for CVE-2022-34115