Lucene search

K
cve[email protected]CVE-2022-35220
HistoryAug 02, 2022 - 4:15 p.m.

CVE-2022-35220

2022-08-0216:15:10
CWE-770
web.nvd.nist.gov
36
3
teamplus pro
cve-2022-35220
vulnerability
community discussion
remote attacker
memory allocation

7.7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

51.2%

Teamplus Pro community discussion function has an ‘allocation of resource without limits or throttling’ vulnerability. A remote attacker with general user privilege posting a thread with large content can cause the receiving client device to allocate too much memory, leading to abnormal termination of this client’s Teamplus Pro application.

Affected configurations

NVD
Node
teamplusteam\+_proRange3.011.6.0.1private_cloudandroid
OR
teamplusteam\+_proRange3.011.6.0.1private_cloudiphone_os

CNA Affected

[
  {
    "platforms": [
      "Android"
    ],
    "product": "Teamplus Pro",
    "vendor": "TEAMPLUS TECHNOLOGY INC.",
    "versions": [
      {
        "lessThanOrEqual": "3.011.6.0.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "iOS"
    ],
    "product": "Teamplus Pro",
    "vendor": "TEAMPLUS TECHNOLOGY INC.",
    "versions": [
      {
        "lessThanOrEqual": "3.011.6.0.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Social References

More

7.7 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

51.2%

Related for CVE-2022-35220