Lucene search

MitreCVE-2022-29767

HistoryJun 03, 2022 - 1:15 a.m.

CVE-2022-29767

2022-06-0301:15:06

CWE-770

mitre

web.nvd.nist.gov

cve-2022-29767

adbyby v2.7

port 8118

connection

program logic error

dos

high cpu usage

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

29.0%

JSON

adbyby v2.7 allows external users to make connections via port 8118. This can cause a program logic error and lead to a Denial of Service (DoS) via high CPU usage due to a large number of connections.

Affected configurations

Nvd

Node

adbyby_projectadbybyMatch2.7

VendorProductVersionCPE
adbyby_projectadbyby2.7cpe:2.3:a:adbyby_project:adbyby:2.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
adbyby_project	adbyby	2.7	cpe:2.3:a:adbyby_project:adbyby:2.7:::::::*

References

github.com/adbyby/Files/issues/2

Social References

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

29.0%

JSON

Related for CVE-2022-29767