exploitDog

CVE-2022-41217

Опубликовано: 22 фев. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Cloudflow contains a unauthenticated file upload vulnerability, which makes it possible for an attacker to upload malicious files to the CLOUDFLOW PROOFSCOPE built-in storage.

Ссылки

https://csirt.divd.nl/CVE-2022-41217
Third Party Advisory
https://csirt.divd.nl/DIVD-2022-00052
https://csirt.divd.nl/CVE-2022-41217
Third Party Advisory
https://csirt.divd.nl/DIVD-2022-00052

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hybridsoftware:cloudflow:*:*:*:*:*:*:*:*

Версия от 2.0.0 (включая) до 2.3.2 (исключая)

EPSS

Процентиль: 44%

0.00214

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-434

CWE-434

Связанные уязвимости

GHSA-r459-f967-5328

CVSS3: 9.8

github

почти 3 года назад

Cloudflow contains a unauthenticated file upload vulnerability, which makes it possible for an attacker to upload malicious files to the CLOUDFLOW PROOFSCOPE built-in storage.

EPSS

Процентиль: 44%

0.00214

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-434

CWE-434