// For flags

CVE-2022-4261

Rapid7 Nexpose Update Validation Issue

Severity Score

6.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Rapid7 Nexpose and InsightVM versions prior to 6.6.172 failed to reliably validate the authenticity of update contents. This failure could allow an attacker to provide a malicious update and alter the functionality of Rapid7 Nexpose. The attacker would need some pre-existing mechanism to provide a malicious update, either through a social engineering effort, privileged access to replace downloaded updates in transit, or by performing an Attacker-in-the-Middle attack on the update service itself.

Las versiones de Rapid7 Nexpose e InsightVM anteriores a la 6.6.172 no lograron validar de manera confiable la autenticidad del contenido de la actualización. Este fallo podría permitir que un atacante proporcione una actualización maliciosa y altere la funcionalidad de Rapid7 Nexpose. El atacante necesitaría algún mecanismo preexistente para proporcionar una actualización maliciosa, ya sea mediante un esfuerzo de ingeniería social, acceso privilegiado para reemplazar las actualizaciones descargadas en tránsito o realizando un ataque de atacante en el medio en el propio servicio de actualización.

*Credits: Emmett Kelly, Rapid7 Principal Software Engineer
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-12-01 CVE Reserved
  • 2022-12-07 CVE Published
  • 2024-06-29 EPSS Updated
  • 2024-08-03 CVE Updated
  • 2024-08-03 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-494: Download of Code Without Integrity Check
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Rapid7
Search vendor "Rapid7"
Insightvm
Search vendor "Rapid7" for product "Insightvm"
< 6.6.172
Search vendor "Rapid7" for product "Insightvm" and version " < 6.6.172"
-
Affected
Rapid7
Search vendor "Rapid7"
Nexpose
Search vendor "Rapid7" for product "Nexpose"
< 6.6.172
Search vendor "Rapid7" for product "Nexpose" and version " < 6.6.172"
-
Affected