Lucene search

[email protected]CVE-2022-32320

HistoryJul 17, 2022 - 5:15 p.m.

CVE-2022-32320

2022-07-1717:15:08

CWE-352

[email protected]

web.nvd.nist.gov

cve-2022-32320

cross-site request forgery

csrf

ferdi

ferdium

file reading

security vulnerability

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.4%

JSON

A Cross-Site Request Forgery (CSRF) in Ferdi through 5.8.1 and Ferdium through 6.0.0-nightly.98 allows attackers to read files via an uploaded file such as a settings/preferences file.

Affected configurations

NVD

Node

ferdiumferdiumMatch6.0.0-

ferdiumferdiumMatch6.0.0beta1

ferdiumferdiumMatch6.0.0beta2

ferdiumferdiumMatch6.0.0beta3

ferdiumferdiumMatch6.0.0nightly1

ferdiumferdiumMatch6.0.0nightly10

ferdiumferdiumMatch6.0.0nightly11

ferdiumferdiumMatch6.0.0nightly12

ferdiumferdiumMatch6.0.0nightly13

ferdiumferdiumMatch6.0.0nightly14

ferdiumferdiumMatch6.0.0nightly15

ferdiumferdiumMatch6.0.0nightly16

ferdiumferdiumMatch6.0.0nightly17

ferdiumferdiumMatch6.0.0nightly18

ferdiumferdiumMatch6.0.0nightly19

ferdiumferdiumMatch6.0.0nightly2

ferdiumferdiumMatch6.0.0nightly20

ferdiumferdiumMatch6.0.0nightly21

ferdiumferdiumMatch6.0.0nightly22

ferdiumferdiumMatch6.0.0nightly23

ferdiumferdiumMatch6.0.0nightly24

ferdiumferdiumMatch6.0.0nightly25

ferdiumferdiumMatch6.0.0nightly26

ferdiumferdiumMatch6.0.0nightly27

ferdiumferdiumMatch6.0.0nightly28

ferdiumferdiumMatch6.0.0nightly29

ferdiumferdiumMatch6.0.0nightly3

ferdiumferdiumMatch6.0.0nightly30

ferdiumferdiumMatch6.0.0nightly31

ferdiumferdiumMatch6.0.0nightly32

ferdiumferdiumMatch6.0.0nightly33

ferdiumferdiumMatch6.0.0nightly34

ferdiumferdiumMatch6.0.0nightly35

ferdiumferdiumMatch6.0.0nightly36

ferdiumferdiumMatch6.0.0nightly37

ferdiumferdiumMatch6.0.0nightly38

ferdiumferdiumMatch6.0.0nightly39

ferdiumferdiumMatch6.0.0nightly4

ferdiumferdiumMatch6.0.0nightly40

ferdiumferdiumMatch6.0.0nightly41

ferdiumferdiumMatch6.0.0nightly42

ferdiumferdiumMatch6.0.0nightly43

ferdiumferdiumMatch6.0.0nightly44

ferdiumferdiumMatch6.0.0nightly45

ferdiumferdiumMatch6.0.0nightly46

ferdiumferdiumMatch6.0.0nightly47

ferdiumferdiumMatch6.0.0nightly48

ferdiumferdiumMatch6.0.0nightly49

ferdiumferdiumMatch6.0.0nightly5

ferdiumferdiumMatch6.0.0nightly50

ferdiumferdiumMatch6.0.0nightly51

ferdiumferdiumMatch6.0.0nightly52

ferdiumferdiumMatch6.0.0nightly53

ferdiumferdiumMatch6.0.0nightly54

ferdiumferdiumMatch6.0.0nightly55

ferdiumferdiumMatch6.0.0nightly56

ferdiumferdiumMatch6.0.0nightly57

ferdiumferdiumMatch6.0.0nightly58

ferdiumferdiumMatch6.0.0nightly59

ferdiumferdiumMatch6.0.0nightly6

ferdiumferdiumMatch6.0.0nightly60

ferdiumferdiumMatch6.0.0nightly61

ferdiumferdiumMatch6.0.0nightly62

ferdiumferdiumMatch6.0.0nightly63

ferdiumferdiumMatch6.0.0nightly65

ferdiumferdiumMatch6.0.0nightly66

ferdiumferdiumMatch6.0.0nightly67

ferdiumferdiumMatch6.0.0nightly69

ferdiumferdiumMatch6.0.0nightly7

ferdiumferdiumMatch6.0.0nightly70

ferdiumferdiumMatch6.0.0nightly71

ferdiumferdiumMatch6.0.0nightly72

ferdiumferdiumMatch6.0.0nightly73

ferdiumferdiumMatch6.0.0nightly74

ferdiumferdiumMatch6.0.0nightly76

ferdiumferdiumMatch6.0.0nightly77

ferdiumferdiumMatch6.0.0nightly78

ferdiumferdiumMatch6.0.0nightly79

ferdiumferdiumMatch6.0.0nightly8

ferdiumferdiumMatch6.0.0nightly80

ferdiumferdiumMatch6.0.0nightly81

ferdiumferdiumMatch6.0.0nightly82

ferdiumferdiumMatch6.0.0nightly83

ferdiumferdiumMatch6.0.0nightly84

ferdiumferdiumMatch6.0.0nightly85

ferdiumferdiumMatch6.0.0nightly86

ferdiumferdiumMatch6.0.0nightly87

ferdiumferdiumMatch6.0.0nightly88

ferdiumferdiumMatch6.0.0nightly89

ferdiumferdiumMatch6.0.0nightly9

ferdiumferdiumMatch6.0.0nightly90

ferdiumferdiumMatch6.0.0nightly91

ferdiumferdiumMatch6.0.0nightly92

ferdiumferdiumMatch6.0.0nightly93

ferdiumferdiumMatch6.0.0nightly94

ferdiumferdiumMatch6.0.0nightly95

ferdiumferdiumMatch6.0.0nightly96

ferdiumferdiumMatch6.0.0nightly97

ferdiumferdiumMatch6.0.0nightly98

getferdiferdiRange≤5.8.1

CPENameOperatorVersion
ferdium:ferdiumferdiumeq6.0.0
getferdi:ferdigetferdi ferdile5.8.1

CPE	Name	Operator	Version
ferdium:ferdium	ferdium	eq	6.0.0
getferdi:ferdi	getferdi ferdi	le	5.8.1

References

getferdi.com/

gist.github.com/omriinbar-cyesec/c1179fe99725d2b828b6573c0d110c9c

github.com/getferdi/ferdi

Social References

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.4%

JSON

Related for CVE-2022-32320

cvelist1 prion1 nvd1 osv1