Vulnerability details: VCID-2upq-2rss-aaag
Vulnerability ID VCID-2upq-2rss-aaag
Aliases CVE-2022-4245
GHSA-jcwr-x25h-x5fh
Summary A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the comment string could be interpreted as XML and allow for XML injection.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (4)
System Score Found at
cvssv3.1 7.5 https://access.redhat.com/errata/RHSA-2023:2135
ssvc Track https://access.redhat.com/errata/RHSA-2023:2135
cvssv3.1 4.3 https://access.redhat.com/errata/RHSA-2023:3906
ssvc Track https://access.redhat.com/errata/RHSA-2023:3906
cvssv3 4.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4245.json
cvssv3.1 4.3 https://access.redhat.com/security/cve/CVE-2022-4245
generic_textual MODERATE https://access.redhat.com/security/cve/CVE-2022-4245
epss 0.00054 https://api.first.org/data/v1/epss?cve=CVE-2022-4245
epss 0.00065 https://api.first.org/data/v1/epss?cve=CVE-2022-4245
epss 0.00138 https://api.first.org/data/v1/epss?cve=CVE-2022-4245
epss 0.00208 https://api.first.org/data/v1/epss?cve=CVE-2022-4245
epss 0.00341 https://api.first.org/data/v1/epss?cve=CVE-2022-4245
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-jcwr-x25h-x5fh
cvssv3.1 4.3 https://github.com/codehaus-plexus/plexus-utils
generic_textual MODERATE https://github.com/codehaus-plexus/plexus-utils
cvssv3.1 4.3 https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de
generic_textual MODERATE https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de
cvssv3.1 4.3 https://github.com/codehaus-plexus/plexus-utils/issues/3
generic_textual MODERATE https://github.com/codehaus-plexus/plexus-utils/issues/3
cvssv3 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-4245
cvssv3.1 4.3 https://nvd.nist.gov/vuln/detail/CVE-2022-4245
cvssv3.1 4.3 https://security.snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-461102
generic_textual MODERATE https://security.snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-461102
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4245.json
https://access.redhat.com/security/cve/CVE-2022-4245
https://api.first.org/data/v1/epss?cve=CVE-2022-4245
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4245
https://github.com/codehaus-plexus/plexus-utils
https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de
https://github.com/codehaus-plexus/plexus-utils/issues/3
https://security.snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-461102
2149843 https://bugzilla.redhat.com/show_bug.cgi?id=2149843
cpe:2.3:a:codehaus-plexus:plexus-utils:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:codehaus-plexus:plexus-utils:*:*:*:*:*:*:*:*
cpe:2.3:a:codehaus-plexus_project:codehaus-plexus:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:codehaus-plexus_project:codehaus-plexus:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:integration_camel_k:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:integration_camel_k:*:*:*:*:*:*:*:*
cpe:/a:redhat:amq_broker:7 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_broker:7
cpe:/a:redhat:a_mq_clients:2 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:a_mq_clients:2
cpe:/a:redhat:amq_online:1 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_online:1
cpe:/a:redhat:camel_k:1 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:camel_k:1
cpe:/a:redhat:camel_quarkus:2 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:camel_quarkus:2
cpe:/a:redhat:camel_spring_boot:3 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:camel_spring_boot:3
cpe:/a:redhat:integration:1 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:integration:1
cpe:/a:redhat:jboss_data_grid:7 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:7
cpe:/a:redhat:jboss_data_grid:8 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_data_grid:8
cpe:/a:redhat:jbosseapxp https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jbosseapxp
cpe:/a:redhat:jboss_enterprise_application_platform:6 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:6
cpe:/a:redhat:jboss_enterprise_application_platform:7 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_application_platform:7
cpe:/a:redhat:jboss_enterprise_bpms_platform:7 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7
cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_bpms_platform:7.13
cpe:/a:redhat:jboss_enterprise_brms_platform:7 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_brms_platform:7
cpe:/a:redhat:jboss_enterprise_web_server:3 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_web_server:3
cpe:/a:redhat:jboss_enterprise_web_server:5 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_enterprise_web_server:5
cpe:/a:redhat:jboss_fuse:6 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:6
cpe:/a:redhat:jboss_fuse:7 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse:7
cpe:/a:redhat:jboss_fuse_service_works:6 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:jboss_fuse_service_works:6
cpe:/a:redhat:openshift_application_runtimes:1.0 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_application_runtimes:1.0
cpe:/a:redhat:quarkus:2 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:quarkus:2
cpe:/a:redhat:red_hat_single_sign_on:7 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:red_hat_single_sign_on:7
cpe:/a:redhat:rhel_software_collections:3 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_software_collections:3
cpe:/a:redhat:service_registry:2 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_registry:2
cpe:/o:redhat:enterprise_linux:7 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
CVE-2022-4245 https://nvd.nist.gov/vuln/detail/CVE-2022-4245
GHSA-jcwr-x25h-x5fh https://github.com/advisories/GHSA-jcwr-x25h-x5fh
RHSA-2023:2135 https://access.redhat.com/errata/RHSA-2023:2135
RHSA-2023:3906 https://access.redhat.com/errata/RHSA-2023:3906
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/errata/RHSA-2023:2135
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:37:50Z/ Found at https://access.redhat.com/errata/RHSA-2023:2135
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2023:3906
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T17:32:13Z/ Found at https://access.redhat.com/errata/RHSA-2023:3906
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4245.json
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://access.redhat.com/security/cve/CVE-2022-4245
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/codehaus-plexus/plexus-utils
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/codehaus-plexus/plexus-utils/commit/f933e5e78dc2637e485447ed821fe14904f110de
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://github.com/codehaus-plexus/plexus-utils/issues/3
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-4245
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-4245
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://security.snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-461102
Exploit Prediction Scoring System (EPSS)
Percentile 0.13932
EPSS Score 0.00054
Published At April 5, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.