Ubuntu.comUB:CVE-2022-30284CVE-2022-30284
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.025 Low
EPSS
Percentile
90.2%
DISPUTED In the python-libnmap package through 0.7.2 for Python,
remote command execution can occur (if used in a client application that
does not validate arguments). NOTE: the vendor believes it would be
unrealistic for an application to call NmapProcess with arguments taken
from input data that arrived over an untrusted network, and thus the CVSS
score corresponds to an unrealistic use case. None of the NmapProcess
documentation implies that this is an expected use case.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 20.04 | noarch | python-libnmap | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | python-libnmap | < any | UNKNOWN |
| ubuntu | 23.10 | noarch | python-libnmap | < any | UNKNOWN |
| ubuntu | 24.04 | noarch | python-libnmap | < any | UNKNOWN |
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.025 Low
EPSS
Percentile
90.2%