CVE-2022-41948

🗓️ 08 Dec 2022 22:14:12Reported by GitHub_MType

CVE-2022-41948: DHIS 2 privilege escalation vulnerabilit

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2022-41948	9 Dec 202202:12	–	circl
CNNVD	DHIS 2 安全漏洞	8 Dec 202200:00	–	cnnvd
Cvelist	CVE-2022-41948 Privilege Chaining with the user admin role in dhis2-core	8 Dec 202222:14	–	cvelist
EUVD	EUVD-2022-45058	3 Oct 202520:07	–	euvd
NVD	CVE-2022-41948	8 Dec 202223:15	–	nvd
OSV	CVE-2022-41948 Privilege Chaining with the user admin role in dhis2-core	8 Dec 202222:14	–	osv
Prion	Privilege escalation	8 Dec 202223:15	–	prion
RedhatCVE	CVE-2022-41948	23 May 202500:41	–	redhatcve
Vulnrichment	CVE-2022-41948 Privilege Chaining with the user admin role in dhis2-core	8 Dec 202222:14	–	vulnrichment

NVD

Vulners

Node

dhis2 dhis_2Range2.34.0–2.36.12.1

dhis2 dhis_2Range2.37.0–2.37.8.1

dhis2 dhis_2Range2.38.0–2.38.2.1

dhis2 dhis_2Match2.39.0

[
  {
    "vendor": "dhis2",
    "product": "dhis2-core",
    "versions": [
      {
        "version": "< 2.36.12.1",
        "status": "affected"
      },
      {
        "version": ">= 2.37.0.0, < 2.37.8.1",
        "status": "affected"
      },
      {
        "version": ">= 2.38.0.0, < 2.38.2.1",
        "status": "affected"
      },
      {
        "version": ">= 2.39.0.0, < 2.39.0.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/dhis2/dhis2-core/security/advisories/GHSA-59fm-8432-2426

21 Nov 2024 07:24Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.16.7 - 7.2

EPSS0.00358

SSVC

CWE-269