Lucene search

[email protected]CVE-2022-48228

HistoryApr 04, 2023 - 3:15 p.m.

CVE-2022-48228

2023-04-0415:15:08

CWE-532

[email protected]

web.nvd.nist.gov

acuant

asureid

sentinel

security

vulnerability

core-7362

log files

cve-2022-48228

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It uses the root of the C: drive for the i-Dentify and Sentinel Installer log files, aka CORE-7362.

Affected configurations

NVD

Node

gbgplcacuant_asureid_sentinelRange<5.2.149

CPENameOperatorVersion
gbgplc:acuant_asureid_sentinelgbgplc acuant asureid sentinellt5.2.149

CPE	Name	Operator	Version
gbgplc:acuant_asureid_sentinel	gbgplc acuant asureid sentinel	lt	5.2.149

References

acuant.com

hackandpwn.com/disclosures/CVE-2022-48228.pdf

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

5.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2022-48228

prion1 cvelist1 nvd1