Lucene search

K
cveMitreCVE-2022-37047
HistoryAug 18, 2022 - 8:15 p.m.

CVE-2022-37047

2022-08-1820:15:11
CWE-787
mitre
web.nvd.nist.gov
42
10
cve-2022-37047
tcprewrite
tcpreplay
heap-based buffer overflow
nvd

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

52.2%

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940.

Affected configurations

Nvd
Node
broadcomtcpreplayMatch4.4.1
Node
fedoraprojectfedoraMatch35
OR
fedoraprojectfedoraMatch36
OR
fedoraprojectfedoraMatch37
VendorProductVersionCPE
broadcomtcpreplay4.4.1cpe:2.3:a:broadcom:tcpreplay:4.4.1:*:*:*:*:*:*:*
fedoraprojectfedora35cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
fedoraprojectfedora36cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
fedoraprojectfedora37cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

Social References

More

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

52.2%