Lucene search

K
nvd[email protected]NVD:CVE-2022-0072
HistoryOct 27, 2022 - 8:15 p.m.

CVE-2022-0072

2022-10-2720:15:12
CWE-22
web.nvd.nist.gov
4
litespeed technologies
openlitespeed web server
path traversal
directory traversal
vulnerability
versions.

CVSS3

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

EPSS

0.001

Percentile

31.0%

Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server andΒ LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1

Affected configurations

Nvd
Node
litespeedtechopenlitespeedRange1.6.5–1.6.20.1
OR
litespeedtechopenlitespeedRange1.7.0–1.7.16.1
OR
litespeedtechopenlitespeedMatch1.5.11
OR
litespeedtechopenlitespeedMatch1.5.12
VendorProductVersionCPE
litespeedtechopenlitespeed*cpe:2.3:a:litespeedtech:openlitespeed:*:*:*:*:*:*:*:*
litespeedtechopenlitespeed1.5.11cpe:2.3:a:litespeedtech:openlitespeed:1.5.11:*:*:*:*:*:*:*
litespeedtechopenlitespeed1.5.12cpe:2.3:a:litespeedtech:openlitespeed:1.5.12:*:*:*:*:*:*:*

CVSS3

5.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

EPSS

0.001

Percentile

31.0%

Related for NVD:CVE-2022-0072