Lucene search

[email protected]NVD:CVE-2022-29557

HistoryFeb 15, 2023 - 12:15 a.m.

CVE-2022-29557

2023-02-1500:15:10

CWE-352

[email protected]

web.nvd.nist.gov

lexisnexis firco compliance csrf

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

33.1%

JSON

LexisNexis Firco Compliance Link 3.7 allows CSRF.

Affected configurations

Nvd

Node

relxfirco_compliance_linkMatch3.7

VendorProductVersionCPE
relxfirco_compliance_link3.7cpe:2.3:a:relx:firco_compliance_link:3.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
relx	firco_compliance_link	3.7	cpe:2.3:a:relx:firco_compliance_link:3.7:::::::*

References

github.com/Q2Flc2FySec/CVE-List/blob/main/CVE-2022-29557.txt

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.7

Confidence

High

EPSS

0.001

Percentile

33.1%

JSON

Related for NVD:CVE-2022-29557

cvelist1 cve1 prion1