Lucene search
HistoryJul 17, 2022 - 11:15 p.m.
CVE-2022-30981
gentics cms
zip file
java code execution
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
45.7%
An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an attacker is able to deserialize arbitrary data and hence can potentially achieve Java code execution.
Affected configurations
Node
genticsgentics_cmsRange<5.43.1
Related
cvelist
cvelist
CVE-2022-30981
2022-07-17 22:24:51
prion
prion
Remote code execution
2022-07-17 23:15:00
cve
cve
CVE-2022-30981
2022-07-17 23:15:08
zdt
zdt
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization Vulnerability
2022-06-21 00:00:00
packetstorm
packetstorm
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization
2022-06-20 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
45.7%
Related for NVD:CVE-2022-30981