Lucene search
SolarWindsCVELIST:CVE-2022-38106HistoryDec 16, 2022 - 12:00 a.m.
CVE-2022-38106 Cross-Site Scripting Vulnerability in Serv-U Web Client
2022-12-1600:00:00
CWE-79
SolarWinds
www.cve.org
5
serv-u
web client
xss
vulnerability
directory creation
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
5.7
Confidence
High
EPSS
0.001
Percentile
35.0%
This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Serv-U File Server",
"vendor": "SolarWinds",
"versions": [
{
"status": "affected",
"version": "15.3.0"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2022-12-16 16:15:00
cve
cve
CVE-2022-38106
2022-12-16 16:15:22
vulnrichment
vulnrichment
CVE-2022-38106 Cross-Site Scripting Vulnerability in Serv-U Web Client
2022-12-16 00:00:00
nessus
nessus
SolarWinds Serv-U 15.3.0 < 15.3.2 (deprecated)
2022-11-23 00:00:00
nvd
nvd
CVE-2022-38106
2022-12-16 16:15:22
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
5.7
Confidence
High
EPSS
0.001
Percentile
35.0%
Related for CVELIST:CVE-2022-38106