CVE-2022-40277

2022-09-3017:15:13

CWE-20

Fluid Attacks

web.nvd.nist.gov

cve

2022

40277

joplin

version 2.8.8

remote code execution

markdown file

nvd

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

36.2%

JSON

Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin. This is possible because the application does not properly validate the schema/protocol of existing links in the markdown file before passing them to the ‘shell.openExternal’ function.

Affected configurations

Nvd

Node

joplinappjoplinMatch2.8.8

AND

linuxlinux_kernelMatch-

Node

joplinappjoplinMatch2.8.8

AND

canonicalubuntu_linuxMatch20.04-

VendorProductVersionCPE
joplinappjoplin2.8.8cpe:2.3:a:joplinapp:joplin:2.8.8:*:*:*:*:*:*:*
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
canonicalubuntu_linux20.04cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:-:*:*:*

Vendor	Product	Version	CPE
joplinapp	joplin	2.8.8	cpe:2.3:a:joplinapp:joplin:2.8.8:::::::*
linux	linux_kernel	-	cpe:2.3:o:linux:linux_kernel:-:::::::*
canonical	ubuntu_linux	20.04	cpe:2.3:o:canonical:ubuntu_linux:20.04::::-:::

CNA Affected

[
  {
    "product": "Joplin",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "2.8.8"
      }
    ]
  }
]