Lucene search

[email protected]CVE-2022-23292

HistoryApr 15, 2022 - 7:15 p.m.

CVE-2022-23292

2022-04-1519:15:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

194

cve-2022-23292

microsoft

power bi

spoofing

vulnerability

nvd

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

4.4 Medium

AI Score

Confidence

High

3.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:P/I:P/A:N

0.0005 Low

EPSS

Percentile

17.1%

JSON

Microsoft Power BI Spoofing Vulnerability

VendorProductVersionCPE
microsoftpremises_data_gateway*cpe:2.3:a:microsoft:premises_data_gateway:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	premises_data_gateway	*	cpe:2.3:a:microsoft:premises_data_gateway::::::::

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23292

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N

4.4 Medium

AI Score

Confidence

High

3.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:P/I:P/A:N

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for CVE-2022-23292

cnvd1 prion1 kaspersky1 mscve1 rapid7blog1