Lucene search

GoogleOSV:CVE-2022-2734

HistoryAug 09, 2022 - 1:15 p.m.

CVE-2022-2734

2022-08-0913:15:08

Google

osv.dev

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.3%

JSON

Improper Restriction of Rendered UI Layers or Frames in GitHub repository openemr/openemr prior to 7.0.0.1.

CPENameOperatorVersion
openemreq2_7_2-rc1
openemreq7_0_0
openemreq2_8_1
openemreq2_9_0
openemreq2_8_3
openemreq2_7_3-rc1
openemreq2_7_2
openemreq3_0_1
openemreq3_0_0
openemreq2_7_2-rc2

Name	Operator	Version
openemr	eq	2_7_2-rc1
openemr	eq	7_0_0
openemr	eq	2_8_1
openemr	eq	2_9_0
openemr	eq	2_8_3
openemr	eq	2_7_3-rc1
openemr	eq	2_7_2
openemr	eq	3_0_1
openemr	eq	3_0_0
openemr	eq	2_7_2-rc2

Rows per page:

1-10 of 121

References

github.com/openemr/openemr/commit/203243467675e85b8b479c778e44ae1aac8bad55

huntr.dev/bounties/d8e4c70c-788b-47e9-8141-a08db751d4e6

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.3%

JSON

Related for OSV:CVE-2022-2734