Lucene search
MitreCVE-2022-34549HistoryJul 27, 2022 - 2:15 p.m.
CVE-2022-34549
2022-07-2714:15:08
CWE-434
mitre
web.nvd.nist.gov
30
5
cve-2022-34549
sims v1.0
arbitrary file upload
uploadservlet
security vulnerability
privilege escalation
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
51.0%
Sims v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /uploadServlet. This vulnerability allows attackers to escalate privileges and execute arbitrary commands via a crafted file.
Affected configurations
Node
sims_projectsimsMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sims_project | sims | 1.0 | cpe:2.3:a:sims_project:sims:1.0:*:*:*:*:*:*:* |
Social References
More
Related
prion
prion
Privilege escalation
2022-07-27 14:15:00
cvelist
cvelist
CVE-2022-34549
2022-07-27 13:12:30
nvd
nvd
CVE-2022-34549
2022-07-27 14:15:08
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
51.0%
Related for CVE-2022-34549