CVE-2021-44674

Опубликовано: 03 янв. 2022

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

An information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. The vulnerability allows an authenticated attacker to read file outside of the restricted directory.

Ссылки

http://open-audit.com
Vendor Advisory
http://opmantek.com
Vendor Advisory
https://community.opmantek.com/display/OA/Release+Notes+for+Open-AudIT+v4.3.0
Release Notes
Vendor Advisory
https://github.com/Opmantek/open-audit/commit/d27b649283aa6a01a15e5a3df1520d7aa69a5e18
Patch
Third Party Advisory
http://open-audit.com
Vendor Advisory
http://opmantek.com
Vendor Advisory
https://community.opmantek.com/display/OA/Release+Notes+for+Open-AudIT+v4.3.0
Release Notes
Vendor Advisory
https://github.com/Opmantek/open-audit/commit/d27b649283aa6a01a15e5a3df1520d7aa69a5e18
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opmantek:open-audit:4.2.0:*:*:*:-:*:*:*

EPSS

Процентиль: 62%

0.00421

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-g8vf-4345-rm84

github

около 4 лет назад