Lucene search

CVE-2022-43484

🗓️ 05 Dec 2022 00:00:00Reported by jpcertType

TERASOLUNA Global Framework 1.0.0 and TERASOLUNA Server Framework for Java 2.0.0.2-2.0.5.1 have ClassLoader manipulation vulnerability via old Spring Framework version, leading to arbitrary code execution

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
NVD	CVE-2022-43484	5 Dec 202204:15	–	nvd
CVE	CVE-2022-43484	5 Dec 202204:15	–	cve
Prion	Input validation	5 Dec 202204:15	–	prion
Vulnrichment	CVE-2022-43484	5 Dec 202200:00	–	vulnrichment
OSV	GHSA-Q5J9-F95W-F4PR TERASOLUNA Server Framework vulnerable to ClassLoader manipulation	5 Dec 202206:30	–	osv
Github Security Blog	TERASOLUNA Server Framework vulnerable to ClassLoader manipulation	5 Dec 202206:30	–	github
Japan Vulnerability Notes	JVN#54728399: TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java (Rich) vulnerable to ClassLoader manipulation	14 Nov 202200:00	–	jvn

[
  {
    "vendor": "NTT DATA Corporation",
    "product": "TERASOLUNA Global Framework and TERASOLUNA Server Framework for Java (Rich)",
    "versions": [
      {
        "version": "TERASOLUNA Global Framework 1.0.0 (Public review version) and TERASOLUNA Server Framework for Java (Rich) 2.0.0.2 to 2.0.5.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
osdn	www.osdn.net/projects/terasoluna/wiki/cve-2022-43484
jvn	www.jvn.jp/en/jp/JVN54728399/index.html
terasolunaorg	www.terasolunaorg.github.io/vulnerability/cve-2022-43484.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Dec 2022 00:00Current

8High risk

Vulners AI Score8

EPSS0.00041