Lucene search
Redhat.comRH:CVE-2022-1798HistoryAug 18, 2022 - 3:38 a.m.
CVE-2022-1798
2022-08-1803:38:30
redhat.com
access.redhat.com
74
8.7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:H
0.001 Low
EPSS
Percentile
26.7%
An arbitrary file read vulnerability was found in the kubeVirt API. This flaw makes it possible to use the kubeVirt API to provide access to host files (like /etc/passwd, for example) in a KubeVirt VM as a disk device that can be written to and read from.
Related
cve
cve
CVE-2022-1798
2022-09-15 16:15:10
prion
prion
Path traversal
2022-09-15 16:15:00
veracode
veracode
Information Disclosure
2022-08-19 04:19:15
osv
osv
KubeVirt arbitrary host file read from the VM
2022-08-18 19:02:18
CVE-2022-1798
2022-09-15 16:15:10
nvd
nvd
CVE-2022-1798
2022-09-15 16:15:10
cbl_mariner
cbl_mariner
CVE-2022-1798 affecting package kubevirt for versions less than 0.55.1-1
2022-10-05 23:33:41
cvelist
cvelist
CVE-2022-1798 Path Traversal vulnerability in Kubevirt
2022-09-15 15:45:12
nessus
nessus
CBL Mariner 2.0 Security Update: kubevirt (CVE-2022-1798)
2023-03-28 00:00:00
gitlab
gitlab
Relative Path Traversal
2022-08-18 00:00:00
github
github
Duplicate Advisory: KubeVirt arbitrary host file read from the VM
2022-08-18 19:02:18
redhat
redhat
openvas
openvas
openSUSE: Security Advisory for kubevirt, (SUSE-SU-2022:3333-1)
2022-09-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3333-1)
2022-09-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:3321-1)
2022-09-21 00:00:00
8.7 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:H
0.001 Low
EPSS
Percentile
26.7%
Related for RH:CVE-2022-1798