Lucene search

[email protected]NVD:CVE-2022-1405

HistoryAug 31, 2022 - 4:15 p.m.

CVE-2022-1405

2022-08-3116:15:09

CWE-121

[email protected]

web.nvd.nist.gov

cncsoft

versions

input processing

vulnerability

buffer overflow

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

50.6%

JSON

CNCSoft: All versions prior to 1.01.32 does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition.

Affected configurations

NVD

Node

deltawwcncsoftRange<1.01.32

References

www.cisa.gov/uscert/ics/advisories/icsa-22-132-01

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

50.6%

JSON

Related for NVD:CVE-2022-1405

cve1 prion1 cvelist1 ics1