Lucene search

[email protected]CVE-2022-45155

HistoryMar 15, 2023 - 1:15 p.m.

CVE-2022-45155

2023-03-1513:15:00

CWE-755

[email protected]

web.nvd.nist.gov

cve-2022-45155

obs-service-go_modules

opensuse factory

security vulnerability

file deletion

directory deletion

nvd

suse

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

5.5 Medium

AI Score

Confidence

High

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:S/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

8.1%

JSON

An Improper Handling of Exceptional Conditions vulnerability in obs-service-go_modules of openSUSE Factory allows attackers that can influence the call to the service to delete files and directories on the system of the victim. This issue affects: SUSE openSUSE Factory obs-service-go_modules versions prior to 0.6.1.

CPENameOperatorVersion
suse:opensuse_factorysuse opensuse factorylt0.6.1

CPE	Name	Operator	Version
suse:opensuse_factory	suse opensuse factory	lt	0.6.1

References

bugzilla.suse.com/show_bug.cgi?id=1201138

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

5.5 Medium

AI Score

Confidence

High

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:S/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

8.1%

JSON

Related for CVE-2022-45155

prion1