Lucene search

PRIOn knowledge basePRION:CVE-2022-4773

HistoryDec 28, 2022 - 12:15 a.m.

Path traversal

2022-12-2800:15:00

PRIOn knowledge base

www.prio-n.com

vulnerability

path traversal

cloudsync

getitem

localfilesystemconnector

patch

3ad796833398af257c28e0ebeade68518e0e612a

fix issue

vdb-216919

unsupported products

4.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

JSON

UNSUPPORTED WHEN ASSIGNED A vulnerability classified as problematic was found in cloudsync. Affected by this vulnerability is the function getItem of the file src/main/java/cloudsync/connector/LocalFilesystemConnector.java. The manipulation leads to path traversal. It is possible to launch the attack on the local host. The name of the patch is 3ad796833398af257c28e0ebeade68518e0e612a. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216919. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CPENameOperatorVersion
cloudsynceq< 2022921

CPE	Name	Operator	Version
	cloudsync	eq	< 2022921

References

github.com/HolgerHees/cloudsync/commit/3ad796833398af257c28e0ebeade68518e0e612a

vuldb.com/?ctiid.216919

vuldb.com/?id.216919