Lucene search

VulDBCVE-2022-2870

HistoryAug 17, 2022 - 7:15 p.m.

CVE-2022-2870

2022-08-1719:15:07

CWE-502

VulDB

web.nvd.nist.gov

laravel

5.1

vulnerability

deserialization

remote exploit

cve-2022-2870

nvd

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

53.1%

JSON

A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206501 was assigned to this vulnerability.

Affected configurations

Nvd

Vulners

Node

laravellaravelRange5.1.0–5.1.46

VendorProductVersionCPE
laravellaravel*cpe:2.3:a:laravel:laravel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
laravel	laravel	*	cpe:2.3:a:laravel:laravel::::::::

CNA Affected

[
  {
    "product": "laravel",
    "vendor": "unspecified",
    "versions": [
      {
        "status": "affected",
        "version": "5.1"
      }
    ]
  }
]

References

github.com/beicheng-maker/vulns/issues/2

vuldb.com/?id.206501

Social References

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

53.1%

JSON

Related for CVE-2022-2870