Search for vulnerabilities
Vulnerability details: VCID-cw1s-b871-aaab
Vulnerability ID VCID-cw1s-b871-aaab
Aliases CVE-2022-22720
Summary Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
Status Published
Exploitability 0.5
Weighted Severity 8.8
Risk 4.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2022:1045
rhas Important https://access.redhat.com/errata/RHSA-2022:1049
rhas Important https://access.redhat.com/errata/RHSA-2022:1072
rhas Important https://access.redhat.com/errata/RHSA-2022:1075
rhas Important https://access.redhat.com/errata/RHSA-2022:1080
rhas Important https://access.redhat.com/errata/RHSA-2022:1102
rhas Important https://access.redhat.com/errata/RHSA-2022:1136
rhas Important https://access.redhat.com/errata/RHSA-2022:1137
rhas Important https://access.redhat.com/errata/RHSA-2022:1138
rhas Important https://access.redhat.com/errata/RHSA-2022:1139
rhas Important https://access.redhat.com/errata/RHSA-2022:1173
rhas Important https://access.redhat.com/errata/RHSA-2022:1389
rhas Important https://access.redhat.com/errata/RHSA-2022:1390
cvssv3 8.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22720.json
epss 0.00345 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.00345 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.00345 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.00345 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.00955 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.00955 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.00955 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.00955 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.00955 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.00955 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.01038 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.01038 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.01038 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.01038 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.01038 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.23933 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.23933 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.23933 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.24404 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.24404 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.32337 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.32337 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.32337 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.32337 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.32337 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.32823 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.32823 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.32823 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.32823 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.32823 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.32823 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.32823 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.32823 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.34972 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.34972 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.34972 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.34972 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.34972 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.34972 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.34972 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.34972 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.34972 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.34972 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.34972 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.34972 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.35539 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.35539 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.35539 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.35539 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.35539 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.36606 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.36606 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.36606 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.36606 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.36606 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.36606 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.36606 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.36606 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.36606 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.36606 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.36606 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.36606 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.36606 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.36606 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.37181 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.37181 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.37181 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.37181 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.37181 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.37181 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.37181 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.37181 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
epss 0.76101 https://api.first.org/data/v1/epss?cve=CVE-2022-22720
rhbs high https://bugzilla.redhat.com/show_bug.cgi?id=2064321
cvssv3.1 7.5 http://seclists.org/fulldisclosure/2022/May/33
generic_textual HIGH http://seclists.org/fulldisclosure/2022/May/33
cvssv3.1 7.5 http://seclists.org/fulldisclosure/2022/May/35
generic_textual HIGH http://seclists.org/fulldisclosure/2022/May/35
cvssv3.1 7.5 http://seclists.org/fulldisclosure/2022/May/38
generic_textual HIGH http://seclists.org/fulldisclosure/2022/May/38
cvssv3.1 7.4 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
apache_httpd important https://httpd.apache.org/security/json/CVE-2022-22720.json
cvssv3.1 7.5 https://httpd.apache.org/security/vulnerabilities_24.html
generic_textual HIGH https://httpd.apache.org/security/vulnerabilities_24.html
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2022-22720
cvssv3 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22720
cvssv3.1 9.8 https://nvd.nist.gov/vuln/detail/CVE-2022-22720
cvssv3.1 7.5 https://support.apple.com/kb/HT213255
generic_textual HIGH https://support.apple.com/kb/HT213255
cvssv3.1 7.5 https://support.apple.com/kb/HT213256
generic_textual HIGH https://support.apple.com/kb/HT213256
cvssv3.1 7.5 https://support.apple.com/kb/HT213257
generic_textual HIGH https://support.apple.com/kb/HT213257
cvssv3.1 5.3 https://www.oracle.com/security-alerts/cpuapr2022.html
generic_textual MODERATE https://www.oracle.com/security-alerts/cpuapr2022.html
cvssv3.1 7.5 https://www.oracle.com/security-alerts/cpujul2022.html
generic_textual HIGH https://www.oracle.com/security-alerts/cpujul2022.html
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22720.json
https://api.first.org/data/v1/epss?cve=CVE-2022-22720
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22720
http://seclists.org/fulldisclosure/2022/May/33
http://seclists.org/fulldisclosure/2022/May/35
http://seclists.org/fulldisclosure/2022/May/38
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://httpd.apache.org/security/vulnerabilities_24.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00033.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGWILBORT67SHMSLYSQZG2NMXGCMPUZO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X73C35MMMZGBVPQQCH7LQZUMYZNQA5FO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z7H26WJ6TPKNWV3QKY4BHKUKQVUTZJTD/
https://security.gentoo.org/glsa/202208-20
https://security.netapp.com/advisory/ntap-20220321-0001/
https://support.apple.com/kb/HT213255
https://support.apple.com/kb/HT213256
https://support.apple.com/kb/HT213257
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujul2022.html
http://www.openwall.com/lists/oss-security/2022/03/14/3
2064321 https://bugzilla.redhat.com/show_bug.cgi?id=2064321
cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
CVE-2022-22720 https://httpd.apache.org/security/json/CVE-2022-22720.json
CVE-2022-22720 https://nvd.nist.gov/vuln/detail/CVE-2022-22720
RHSA-2022:1045 https://access.redhat.com/errata/RHSA-2022:1045
RHSA-2022:1049 https://access.redhat.com/errata/RHSA-2022:1049
RHSA-2022:1072 https://access.redhat.com/errata/RHSA-2022:1072
RHSA-2022:1075 https://access.redhat.com/errata/RHSA-2022:1075
RHSA-2022:1080 https://access.redhat.com/errata/RHSA-2022:1080
RHSA-2022:1102 https://access.redhat.com/errata/RHSA-2022:1102
RHSA-2022:1136 https://access.redhat.com/errata/RHSA-2022:1136
RHSA-2022:1137 https://access.redhat.com/errata/RHSA-2022:1137
RHSA-2022:1138 https://access.redhat.com/errata/RHSA-2022:1138
RHSA-2022:1139 https://access.redhat.com/errata/RHSA-2022:1139
RHSA-2022:1173 https://access.redhat.com/errata/RHSA-2022:1173
RHSA-2022:1389 https://access.redhat.com/errata/RHSA-2022:1389
RHSA-2022:1390 https://access.redhat.com/errata/RHSA-2022:1390
USN-5333-1 https://usn.ubuntu.com/5333-1/
USN-5333-2 https://usn.ubuntu.com/5333-2/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22720.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2022/May/33
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2022/May/35
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://seclists.org/fulldisclosure/2022/May/38
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://httpd.apache.org/security/vulnerabilities_24.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2022-22720
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-22720
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-22720
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT213255
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT213256
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://support.apple.com/kb/HT213257
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://www.oracle.com/security-alerts/cpuapr2022.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://www.oracle.com/security-alerts/cpujul2022.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.71324
EPSS Score 0.00345
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.