CVE-2022-46945

Опубликовано: 26 мая 2023

Источник: nvd

CVSS3: 9.1

CVSS3: 6.5

EPSS Низкий

Описание

Nagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the component /core/classes/NagVisHoverUrl.php.

Ссылки

https://github.com/NagVis/nagvis/commit/71aba7f46f79d846e1df037f165d206a2cd1d22a
Patch
https://github.com/NagVis/nagvis/compare/nagvis-1.9.33...nagvis-1.9.34
Patch
Product
https://www.sonarsource.com/blog/checkmk-rce-chain-3/
Exploit
Third Party Advisory
https://github.com/NagVis/nagvis/commit/71aba7f46f79d846e1df037f165d206a2cd1d22a
Patch
https://github.com/NagVis/nagvis/compare/nagvis-1.9.33...nagvis-1.9.34
Patch
Product
https://lists.debian.org/debian-lts-announce/2025/05/msg00000.html
https://www.sonarsource.com/blog/checkmk-rce-chain-3/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nagvis:nagvis:*:*:*:*:*:*:*:*

Версия до 1.9.34 (исключая)

EPSS

Процентиль: 64%

0.00471

Низкий

9.1 Critical

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

CVE-2022-46945

CVSS3: 9.1

ubuntu

больше 2 лет назад

Nagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the component /core/classes/NagVisHoverUrl.php.

CVE-2022-46945

CVSS3: 9.1

debian

больше 2 лет назад

Nagvis before 1.9.34 was discovered to contain an arbitrary file read ...

GHSA-hw4x-q63w-42vp

CVSS3: 9.1

github

больше 2 лет назад

Nagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the component /core/classes/NagVisHoverUrl.php.

EPSS

Процентиль: 64%

0.00471

Низкий

9.1 Critical

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-22