CVE-2022-32427

Опубликовано: 25 авг. 2022

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

PrinterLogic Windows Client through 25.0.0.676 allows attackers to execute directory traversal. Authenticated users with prior knowledge of the driver filename could exploit this to escalate privileges or distribute malicious content. This issue has been resolved in PrinterLogic Windows Client 25.0.0688 and all affected are advised to upgrade.

Ссылки

https://docs.printercloud.com/1-Printerlogic/Release_Notes/Client_Release_Notes.htm?tocpath=_____9
Release Notes
Vendor Advisory
https://www.printerlogic.com/security-bulletin/
Vendor Advisory
https://docs.printercloud.com/1-Printerlogic/Release_Notes/Client_Release_Notes.htm?tocpath=_____9
Release Notes
Vendor Advisory
https://www.printerlogic.com/security-bulletin/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:printerlogic:windows_client:*:*:*:*:*:*:*:*

Версия до 25.0.0.688 (исключая)

EPSS

Процентиль: 69%

0.00617

Низкий

8.8 High

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-3rq3-j32x-vjg4