Lucene search

PRIOn knowledge basePRION:CVE-2022-4322

HistoryDec 07, 2022 - 7:15 a.m.

Design/Logic Flaw

2022-12-0707:15:00

PRIOn knowledge base

www.prio-n.com

vulnerability

maku-boot

remote injection

doexecute function

abstractschedulejob.java

critical

scheduled task handler

patch

446eb7294332efca2bfd791bc37281cedac0d0ff

vulnerability identifier

vdb-215013

disclosure

7.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.6%

JSON

A vulnerability, which was classified as critical, was found in maku-boot up to 2.2.0. This affects the function doExecute of the file AbstractScheduleJob.java of the component Scheduled Task Handler. The manipulation leads to injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 446eb7294332efca2bfd791bc37281cedac0d0ff. It is recommended to apply a patch to fix this issue. The identifier VDB-215013 was assigned to this vulnerability.

CPENameOperatorVersion
maku-bootge1.3.0
maku-bootle2.2.0

CPE	Name	Operator	Version
	maku-boot	ge	1.3.0
	maku-boot	le	2.2.0

References

gitee.com/makunet/maku-boot/commit/446eb7294332efca2bfd791bc37281cedac0d0ff

gitee.com/makunet/maku-boot/issues/I5ZUYI

vuldb.com/?id.215013