Lucene search
HistoryJul 22, 2022 - 11:15 p.m.
CVE-2022-34115
dataease
v1.11.1
arbitrary file write vulnerability
datasourceid
cve-2022-34115
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
59.9%
DataEase v1.11.1 was discovered to contain a arbitrary file write vulnerability via the parameter dataSourceId.
Affected configurations
Node
dataease_projectdataeaseMatch1.11.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| dataease_project:dataease | dataease project dataease | eq | 1.11.1 |
Social References
More
Related
cvelist
cvelist
CVE-2022-34115
2022-07-22 22:16:54
nvd
nvd
CVE-2022-34115
2022-07-22 23:15:08
prion
prion
Arbitrary file deletion
2022-07-22 23:15:00
osv
osv
CVE-2022-34115
2022-07-22 23:15:08
Dataease v1.11.1 SQL Injection via parameter dataSourceId
2022-07-23 00:00:15
github
github
Dataease v1.11.1 SQL Injection via parameter dataSourceId
2022-07-23 00:00:15
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
59.9%
Related for CVE-2022-34115