exploitDog

CVE-2022-46900

Опубликовано: 25 июл. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to modify these entries and set the executable path and parameters.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:vocera:report_server:*:*:*:*:*:*:*:*

Версия от 5.0.0 (включая) до 5.8.0.135 (включая)

cpe:2.3:a:vocera:voice_server:*:*:*:*:*:*:*:*

Версия от 5.0.0 (включая) до 5.8.0.135 (включая)

EPSS

Процентиль: 27%

0.00096

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-mx7r-3r4v-77rq

CVSS3: 6.5

github

больше 2 лет назад

An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to modify these entries and set the executable path and parameters.

EPSS

Процентиль: 27%

0.00096

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-22