Lucene search

[email protected]NVD:CVE-2022-47879

HistoryMay 12, 2023 - 2:15 p.m.

CVE-2022-47879

2023-05-1214:15:09

[email protected]

web.nvd.nist.gov

remote code execution

jedox

php classes

authenticated users

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.4%

JSON

A Remote Code Execution (RCE) vulnerability in /be/rpc.php in Jedox 2020.2.5 allows remote authenticated users to load arbitrary PHP classes from the ‘rtn’ directory and execute its methods.

Affected configurations

NVD

Node

jedoxjedoxMatch2020.2.5

jedoxjedox_cloudMatch-

References

jedox.com

docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.4%

JSON

Related for NVD:CVE-2022-47879

prion1 cve1 zdt2 packetstorm2 cvelist1 exploitdb2