Search for vulnerabilities
Vulnerability details: VCID-c5he-2rr6-3ya6
Vulnerability ID VCID-c5he-2rr6-3ya6
Aliases CVE-2022-37392
Summary Improper Check for Unusual or Exceptional Conditions vulnerability in handling the requests to Apache Traffic Server. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
Status Published
Exploitability 0.5
Weighted Severity 4.8
Risk 2.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-754 Improper Check for Unusual or Exceptional Conditions
System Score Found at
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
epss 0.00179 https://api.first.org/data/v1/epss?cve=CVE-2022-37392
cvssv3.1 5.3 https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
ssvc Track https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
cvssv3.1 5.3 https://nvd.nist.gov/vuln/detail/CVE-2022-37392
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-37392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32749
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37392
cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*
CVE-2022-37392 https://nvd.nist.gov/vuln/detail/CVE-2022-37392
mrj2lg4s0hf027rk7gz8t7hbn9xpfg02 https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-17T14:20:03Z/ Found at https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-37392
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.39953
EPSS Score 0.00179
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T09:53:33.074801+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2022/37xxx/CVE-2022-37392.json 37.0.0