Lucene search
GitHub Advisory DatabaseGHSA-4VQ7-8699-4XGCHistoryJul 29, 2022 - 12:00 a.m.
WMAgent arbitrary code execution via a crafted dbs-client package
2022-07-2900:00:17
GitHub Advisory Database
github.com
18
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
68.6%
WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package.
Affected configurations
Node
globalworkqueueMatch1.4.1rc5
ORgithub_advisory_databasereqmonMatch1.4.1rc5
ORgithub_advisory_databasereqmgr2Range≤1.4.1rc5
ORgithub_advisory_databasewmagentRange≤1.3.3rc2
Related
cvelist
cvelist
CVE-2022-34558
2022-07-28 22:24:02
prion
prion
Code injection
2022-07-28 23:15:00
nvd
nvd
CVE-2022-34558
2022-07-28 23:15:07
osv
osv
WMAgent arbitrary code execution via a crafted dbs-client package
2022-07-29 00:00:17
cve
cve
CVE-2022-34558
2022-07-28 23:15:07
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.003 Low
EPSS
Percentile
68.6%
Related for GHSA-4VQ7-8699-4XGC