CVE-2022-4261

🗓️ 07 Dec 2022 00:00:00Reported by rapid7Type

Rapid7 Nexpose and InsightVM versions prior to 6.6.172 failed to reliably validate update authenticity

Reporter	Title	Published	Views	Family All 13
CNNVD	Rapid7 Nexpose 安全漏洞	8 Dec 202200:00	–	cnnvd
Cvelist	CVE-2022-4261 Rapid7 Nexpose Update Validation Issue	7 Dec 202200:00	–	cvelist
EUVD	EUVD-2022-43249	3 Oct 202520:07	–	euvd
EUVD	EUVD-2022-51617	3 Oct 202520:07	–	euvd
NVD	CVE-2022-4261	8 Dec 202200:15	–	nvd
OSV	CVE-2022-3913	1 Feb 202322:15	–	osv
OSV	CVE-2022-4261	8 Dec 202200:15	–	osv
Prion	Design/Logic Flaw	1 Feb 202322:15	–	prion
Prion	Design/Logic Flaw	8 Dec 202200:15	–	prion
Positive Technologies	PT-2022-26502 · Rapid7 · Insightvm +1	7 Dec 202200:00	–	ptsecurity

NVD

Node

rapid7 insightvmRange<6.6.172

rapid7 nexposeRange<6.6.172

[
  {
    "defaultStatus": "unaffected",
    "product": "Nexpose",
    "vendor": "Rapid7",
    "versions": [
      {
        "lessThanOrEqual": "6.6.171",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "InsightVM",
    "vendor": "Rapid7",
    "versions": [
      {
        "lessThanOrEqual": "6.6.171",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
rapid7	www.rapid7.com/blog/post/2022/12/7/cve-2022-4261-rapid7-nexpose-update-validation-issue-fixed
docs	www.docs.rapid7.com/release-notes/insightvm/20221207/
docs	www.docs.rapid7.com/release-notes/nexpose/20221207/

21 Nov 2024 07:34Current

5.3Medium risk

Vulners AI Score5.3

CVSS 3.14.4 - 6.5

EPSS0.00097

SSVC

CWE-494