CVE-2022-4244
Last modified
CVE-2022-4244 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. EPSS estimates a 1.35% chance of exploitation in the next 30 days.
Description
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Codehaus-Plexus | Plexus-Utils | < 3.0.24 |
| Redhat | Integration Camel K | < 1.10.1 |
References
- https://access.redhat.com/errata/RHSA-2023:2135Third Party Advisory
- https://access.redhat.com/errata/RHSA-2023:3906Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2022-4244Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2149841Issue Tracking, Third Party Advisory
- https://access.redhat.com/errata/RHSA-2023:2135Third Party Advisory
- https://access.redhat.com/errata/RHSA-2023:3906Third Party Advisory
- https://access.redhat.com/security/cve/CVE-2022-4244Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2149841Issue Tracking, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2022-4244?
How severe is CVE-2022-4244?
How do I fix CVE-2022-4244?
Are you affected by CVE-2022-4244?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST