CVE-2022-38165
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Arbitrary file write in F-Secure Policy Manager through 2022-08-10 allows unauthenticated users to write the file with the contents in arbitrary locations on the F-Secure Policy Manager Server.
La escritura arbitraria de archivos en F-Secure Policy Manager hasta el 10 de agosto de 2022 permite a usuarios no autenticados escribir el archivo con el contenido en ubicaciones arbitrarias en el servidor de F-Secure Policy Manager.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-08-11 CVE Reserved
- 2022-11-17 CVE Published
- 2024-06-09 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.withsecure.com/en/support/security-advisories/cve-2022-38165 | 2022-11-22 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Withsecure Search vendor "Withsecure" | F-secure Policy Manager Search vendor "Withsecure" for product "F-secure Policy Manager" | - | linux_kernel |
Affected
| ||||||
| Withsecure Search vendor "Withsecure" | F-secure Policy Manager Search vendor "Withsecure" for product "F-secure Policy Manager" | - | windows |
Affected
| ||||||