Lucene search

[email protected]NVD:CVE-2022-23769

HistoryOct 17, 2022 - 4:15 p.m.

CVE-2022-23769

2022-10-1716:15:20

CWE-287

[email protected]

web.nvd.nist.gov

vulnerability

reversewall-mds

user privilege verification

remote code execution

account theft

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.004

Percentile

74.8%

JSON

Remote code execution vulnerability due to insufficient user privilege verification in reverseWall-MDS. Remote attackers can exploit the vulnerability such as stealing account, through remote code execution.

Affected configurations

Nvd

Node

megazonereversewall-mdsRange<3.8_a008aws

AND

microsoftwindowsMatch-

VendorProductVersionCPE
megazonereversewall-mds*cpe:2.3:a:megazone:reversewall-mds:*:*:*:*:*:aws:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
megazone	reversewall-mds	*	cpe:2.3:a:megazone:reversewall-mds::::::aws::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*

References

www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66962

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.004

Percentile

74.8%

JSON

Related for NVD:CVE-2022-23769

prion1 cve1 cvelist1