Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-3979

Опубликовано: 13 нояб. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5.1
CVSS3: 5.6

Описание

A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue affects the function checkAuthCookie of the file share/server/core/classes/CoreLogonMultisite.php. The manipulation of the argument hash leads to incorrect type conversion. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 1.9.34 is able to address this issue. The identifier of the patch is 7574fd8a2903282c2e0d1feef5c4876763db21d5. It is recommended to upgrade the affected component. The identifier VDB-213557 was assigned to this vulnerability.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

not-affected

1:1.9.34-1
esm-apps/bionic

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

not-affected

1:1.9.34-1
esm-apps/xenial

needs-triage

esm-infra/focal

DNE

focal

DNE

jammy

needs-triage

kinetic

ignored

end of life, was needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 68%
0.00554
Низкий

5.1 Medium

CVSS2

5.6 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2022-3979

CVSS3: 5.6
nvd
около 3 лет назад

A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue affects the function checkAuthCookie of the file share/server/core/classes/CoreLogonMultisite.php. The manipulation of the argument hash leads to incorrect type conversion. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 1.9.34 is able to address this issue. The identifier of the patch is 7574fd8a2903282c2e0d1feef5c4876763db21d5. It is recommended to upgrade the affected component. The identifier VDB-213557 was assigned to this vulnerability.

debian логотип

CVE-2022-3979

CVSS3: 5.6
debian
около 3 лет назад

A vulnerability was found in NagVis up to 1.9.33 and classified as pro ...

github логотип

GHSA-v69g-856v-c9cc

CVSS3: 9.8
github
около 3 лет назад

A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue affects the function checkAuthCookie of the file share/server/core/classes/CoreLogonMultisite.php. The manipulation of the argument hash leads to incorrect type conversion. The attack may be initiated remotely. Upgrading to version 1.9.34 is able to address this issue. The name of the patch is 7574fd8a2903282c2e0d1feef5c4876763db21d5. It is recommended to upgrade the affected component. The identifier VDB-213557 was assigned to this vulnerability.

EPSS

Процентиль: 68%
0.00554
Низкий

5.1 Medium

CVSS2

5.6 Medium

CVSS3