Lucene search
GoogleOSV:CVE-2022-36521HistoryAug 26, 2022 - 2:15 p.m.
CVE-2022-36521
2022-08-2614:15:08
Google
osv.dev
3
cskefu
permissions
unauthenticated
administrator
accounts
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
6.9
Confidence
Low
EPSS
0.001
Percentile
35.7%
Insecure permissions in cskefu v7.0.1 allows unauthenticated attackers to arbitrarily add administrator accounts.
References
Related
prion
prion
Code injection
2022-08-26 14:15:00
cve
cve
CVE-2022-36521
2022-08-26 14:15:08
cvelist
cvelist
CVE-2022-36521
2022-08-26 13:52:36
nvd
nvd
CVE-2022-36521
2022-08-26 14:15:08
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
6.9
Confidence
Low
EPSS
0.001
Percentile
35.7%
Related for OSV:CVE-2022-36521