Lucene search
HistoryJul 22, 2022 - 11:15 p.m.
CVE-2022-34114
cve-2022-34114
dataease
sql injection
vulnerability
nvd
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
38.0%
Dataease v1.11.1 was discovered to contain a SQL injection vulnerability via the parameter dataSourceId.
Affected configurations
Node
dataease_projectdataeaseMatch1.11.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| dataease_project:dataease | dataease project dataease | eq | 1.11.1 |
References
Social References
More
Related
osv
osv
SQL Injection found in Dataease
2022-07-23 00:00:15
CVE-2022-34114
2022-07-22 23:15:08
cvelist
cvelist
CVE-2022-34114
2022-07-22 22:17:18
prion
prion
Sql injection
2022-07-22 23:15:00
nvd
nvd
CVE-2022-34114
2022-07-22 23:15:08
github
github
SQL Injection found in Dataease
2022-07-23 00:00:15
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
38.0%
Related for CVE-2022-34114