Lucene search
Palo_altoCVELIST:CVE-2022-0073HistoryOct 27, 2022 - 7:30 p.m.
CVE-2022-0073 Authenticated Remote Code Execution in OpenLiteSpeed Web Server
2022-10-2719:30:54
CWE-20
palo_alto
www.cve.org
3
cve-2022-0073
openlitespeed web server
command injection
input validation
litespeed technologies
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.001
Percentile
35.0%
Improper Input Validation vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Command Injection. This affects 1.7.0 versions before 1.7.16.1.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "OpenLiteSpeed Web Server",
"repo": "https://github.com/litespeedtech/openlitespeed",
"vendor": "LiteSpeed Technologies",
"versions": [
{
"lessThan": "1.7.16.1",
"status": "affected",
"version": "1.7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "LiteSpeed Web Server",
"vendor": "LiteSpeed Technologies",
"versions": [
{
"lessThan": "1.7.16.1",
"status": "affected",
"version": "1.7.0",
"versionType": "custom"
}
]
}
]Related
osv
osv
CVE-2022-0073
2022-10-27 20:15:12
nvd
nvd
CVE-2022-0073
2022-10-27 20:15:12
prion
prion
Input validation
2022-10-27 20:15:00
cve
cve
CVE-2022-0073
2022-10-27 20:15:12
thn
thn
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0.001
Percentile
35.0%
Related for CVELIST:CVE-2022-0073