Lucene search
OpenHarmonyCVE-2022-38701HistorySep 09, 2022 - 3:15 p.m.
CVE-2022-38701
2022-09-0915:15:14
CWE-122
CWE-787
OpenHarmony
web.nvd.nist.gov
26
5
openharmony
heap overflow
vulnerability
cve-2022-38701
nvd
CVSS3
6.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
4.4
Confidence
High
EPSS
0
Percentile
5.1%
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.
Affected configurations
Node
openharmonyopenharmonyRange3.0–3.0.5long_term_support
ORopenatomopenharmonyRange3.1–3.1.2-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| openharmony | openharmony | * | cpe:2.3:a:openharmony:openharmony:*:*:*:*:long_term_support:*:*:* |
| openatom | openharmony | * | cpe:2.3:o:openatom:openharmony:*:*:*:*:-:*:*:* |
CNA Affected
[
{
"product": "OpenHarmony",
"vendor": "OpenHarmony",
"versions": [
{
"lessThanOrEqual": "3.1.2",
"status": "affected",
"version": "OpenHarmony-v3.1.x-Release",
"versionType": "custom"
},
{
"lessThanOrEqual": "3.0.5",
"status": "affected",
"version": "OpenHarmony-v3.0.x-LTS",
"versionType": "custom"
}
]
}
]Social References
More
Related
cvelist
cvelist
nvd
nvd
CVE-2022-38701
2022-09-09 15:15:14
prion
prion
Heap overflow
2022-09-09 15:15:00
CVSS3
6.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
4.4
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2022-38701