exploitDog

CVE-2022-38341

Опубликовано: 19 сент. 2022

Источник: nvd

CVSS3: 7.1

EPSS Низкий

Описание

Safe Software FME Server v2021.2.5 and below does not employ server-side validation.

Ссылки

https://community.safe.com/s/article/Known-Issue-Lack-of-server-side-validation-when-creating-a-new-user-in-FME-Server
Patch
Vendor Advisory
https://www.cycura.com/blog/safe-software-inc-fme-server-vulnerability-disclosure/
Third Party Advisory
https://community.safe.com/s/article/Known-Issue-Lack-of-server-side-validation-when-creating-a-new-user-in-FME-Server
Patch
Vendor Advisory
https://www.cycura.com/blog/safe-software-inc-fme-server-vulnerability-disclosure/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:safe:fme_server:*:*:*:*:*:*:*:*

Версия от 2021.2.3 (включая) до 2021.2.6 (исключая)

EPSS

Процентиль: 55%

0.00326

Низкий

7.1 High

CVSS3

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-vhfx-73jm-q8gh

CVSS3: 7.1

github

больше 3 лет назад

Safe Software FME Server v2022.0.1.1 and below does not employ server-side validation.

EPSS

Процентиль: 55%

0.00326

Низкий

7.1 High

CVSS3

Дефекты

NVD-CWE-Other