Lucene search

GoogleOSV:CVE-2022-47184

HistoryJun 14, 2023 - 8:15 a.m.

CVE-2022-47184

2023-06-1408:15:08

Google

osv.dev

apache traffic server

sensitive information

vulnerability

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

Confidence

High

EPSS

0.001

Percentile

50.9%

JSON

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: 8.0.0 to 9.2.0.

References

lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs

lists.debian.org/debian-lts-announce/2023/06/msg00037.html

lists.fedoraproject.org/archives/list/[email protected]/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/

lists.fedoraproject.org/archives/list/[email protected]/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/

www.debian.org/security/2023/dsa-5435

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

Confidence

High

EPSS

0.001

Percentile

50.9%

JSON

Related for OSV:CVE-2022-47184