Search for vulnerabilities
Vulnerability details: VCID-dwgf-f1eg-aaaf
Vulnerability ID VCID-dwgf-f1eg-aaaf
Aliases CVE-2022-23181
GHSA-9f3j-pm6f-9fm5
Summary Race condition in Apache Tomcat
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
rhas Important https://access.redhat.com/errata/RHSA-2022:5532
cvssv3 7.0 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23181.json
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00043 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00135 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.0015 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2022-23181
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=2047417
apache_tomcat Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181
cvssv3.1 7 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-9f3j-pm6f-9fm5
cvssv3.1 7.5 https://github.com/apache/tomcat
generic_textual HIGH https://github.com/apache/tomcat
cvssv3.1 7.0 https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9
generic_textual HIGH https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9
cvssv3.1 7.5 https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html
generic_textual HIGH https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html
cvssv2 3.7 https://nvd.nist.gov/vuln/detail/CVE-2022-23181
cvssv3 7.0 https://nvd.nist.gov/vuln/detail/CVE-2022-23181
cvssv3.1 7.0 https://nvd.nist.gov/vuln/detail/CVE-2022-23181
cvssv3.1 7.0 https://security.netapp.com/advisory/ntap-20220217-0010
generic_textual HIGH https://security.netapp.com/advisory/ntap-20220217-0010
cvssv3.1 7.5 https://www.debian.org/security/2022/dsa-5265
generic_textual HIGH https://www.debian.org/security/2022/dsa-5265
cvssv3.1 5.3 https://www.oracle.com/security-alerts/cpuapr2022.html
generic_textual MODERATE https://www.oracle.com/security-alerts/cpuapr2022.html
cvssv3.1 7.5 https://www.oracle.com/security-alerts/cpujul2022.html
generic_textual HIGH https://www.oracle.com/security-alerts/cpujul2022.html
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23181.json
https://api.first.org/data/v1/epss?cve=CVE-2022-23181
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/apache/tomcat
https://github.com/apache/tomcat/commit/094800b12d6c958d7b4540372c5a95698658ada1
https://github.com/apache/tomcat/commit/1385c624b4a1e994426e810075c850edc38a700e
https://github.com/apache/tomcat/commit/70da1aaa51e0f9d088438e9d958812a144e12754
https://github.com/apache/tomcat/commit/97943959ba721ad5e8e8ba765a68d2b153348530
https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9
https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html
https://security.netapp.com/advisory/ntap-20220217-0010
https://security.netapp.com/advisory/ntap-20220217-0010/
https://www.debian.org/security/2022/dsa-5265
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpujul2022.html
2047417 https://bugzilla.redhat.com/show_bug.cgi?id=2047417
cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:10.0.0:milestone10:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:10.0.0:milestone10:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:10.0.0:milestone5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:10.0.0:milestone5:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:10.0.0:milestone6:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:10.0.0:milestone6:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:10.0.0:milestone7:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:10.0.0:milestone7:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:10.0.0:milestone8:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:10.0.0:milestone8:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:10.0.0:milestone9:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:10.0.0:milestone9:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:10.1.0:milestone1:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:10.1.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:10.1.0:milestone2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:10.1.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:10.1.0:milestone3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:10.1.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:10.1.0:milestone4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:10.1.0:milestone4:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:10.1.0:milestone5:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:10.1.0:milestone5:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:10.1.0:milestone6:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:10.1.0:milestone6:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:10.1.0:milestone7:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:10.1.0:milestone7:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:10.1.0:milestone8:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:tomcat:10.1.0:milestone8:*:*:*:*:*:*
cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:financial_services_crime_and_compliance_management_studio:8.0.8.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:managed_file_transfer:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
CVE-2022-23181 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23181
CVE-2022-23181 https://nvd.nist.gov/vuln/detail/CVE-2022-23181
GHSA-9f3j-pm6f-9fm5 https://github.com/advisories/GHSA-9f3j-pm6f-9fm5
RHSA-2022:5532 https://access.redhat.com/errata/RHSA-2022:5532
RHSA-2022:7272 https://access.redhat.com/errata/RHSA-2022:7272
RHSA-2022:7273 https://access.redhat.com/errata/RHSA-2022:7273
RHSA-2023:0272 https://access.redhat.com/errata/RHSA-2023:0272
USN-6943-1 https://usn.ubuntu.com/6943-1/
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23181.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/apache/tomcat
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://lists.apache.org/thread/l8x62p3k19yfcb208jo4zrb83k5mfwg9
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.debian.org/debian-lts-announce/2022/10/msg00029.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2022-23181
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-23181
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-23181
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://security.netapp.com/advisory/ntap-20220217-0010
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://www.debian.org/security/2022/dsa-5265
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://www.oracle.com/security-alerts/cpuapr2022.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://www.oracle.com/security-alerts/cpujul2022.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.10667
EPSS Score 0.00043
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.