Lucene search

[email protected]CVE-2022-38755

HistoryNov 21, 2022 - 5:15 p.m.

CVE-2022-38755

2022-11-2117:15:27

[email protected]

web.nvd.nist.gov

micro focus filr

cve-2022-38755

vulnerability

remote unauthenticated user enumeration

nvd

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.9%

JSON

A vulnerability has been identified in Micro Focus Filr in versions prior to 4.3.1.1. The vulnerability could be exploited to allow a remote unauthenticated attacker to enumerate valid users of the system. Remote unauthenticated user enumeration. This issue affects: Micro Focus Filr versions prior to 4.3.1.1.

Affected configurations

NVD

Node

microfocusfilrRange<4.3.1.1

CPENameOperatorVersion
microfocus:filrmicrofocus filrlt4.3.1.1

CPE	Name	Operator	Version
microfocus:filr	microfocus filr	lt	4.3.1.1

CNA Affected

[
  {
    "vendor": "Micro Focus",
    "product": "Micro Focus Filr ",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "4.3.1.1",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

portal.microfocus.com/s/article/KM000011886?language=en_US

Social References

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.9%

JSON

Related for CVE-2022-38755

prion1 nvd1 cvelist1