CVE-2022-2841
2.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
4 Medium
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
85.7%
A vulnerability was found in CrowdStrike Falcon 6.31.14505.0/6.42.15610/6.44.15806. It has been classified as problematic. Affected is an unknown function of the component Uninstallation Handler. The manipulation leads to missing authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 6.40.15409, 6.42.15611 and 6.44.15807 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-206880.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| crowdstrike | falcon | 6.31.14505.0 | cpe:2.3:a:crowdstrike:falcon:6.31.14505.0:*:*:*:*:*:*:* |
| crowdstrike | falcon | 6.42.15610 | cpe:2.3:a:crowdstrike:falcon:6.42.15610:*:*:*:*:*:*:* |
| crowdstrike | falcon | 6.44.15806 | cpe:2.3:a:crowdstrike:falcon:6.44.15806:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "CrowdStrike",
"product": "Falcon",
"versions": [
{
"version": "6.31.14505.0",
"status": "affected"
},
{
"version": "6.42.15610",
"status": "affected"
},
{
"version": "6.44.15806",
"status": "affected"
}
],
"modules": [
"Uninstallation Handler"
]
}
]References
Social References
More
Related
2.7 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N
4 Medium
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
85.7%