Lucene search

CVE-2022-41948 Privilege Chaining with the user admin role in dhis2-core

🗓️ 08 Dec 2022 22:12:14Reported by GitHub_MType

CVE-2022-41948 Privilege Escalation in DHIS2 Cor

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
Vulnrichment	CVE-2022-41948 Privilege Chaining with the user admin role in dhis2-core	8 Dec 202222:14	–	vulnrichment
CVE	CVE-2022-41948	8 Dec 202223:15	–	cve
OSV	CVE-2022-41948	8 Dec 202223:15	–	osv
Prion	Privilege escalation	8 Dec 202223:15	–	prion
NVD	CVE-2022-41948	8 Dec 202223:15	–	nvd

[
  {
    "vendor": "dhis2",
    "product": "dhis2-core",
    "versions": [
      {
        "version": "< 2.36.12.1",
        "status": "affected"
      },
      {
        "version": ">= 2.37.0.0, < 2.37.8.1",
        "status": "affected"
      },
      {
        "version": ">= 2.38.0.0, < 2.38.2.1",
        "status": "affected"
      },
      {
        "version": ">= 2.39.0.0, < 2.39.0.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/dhis2/dhis2-core/security/advisories/GHSA-59fm-8432-2426

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Dec 2022 22:14Current

7.2High risk

Vulners AI Score7.2

CVSS36.7

EPSS0.00039

CWE-269