CVE-2022-1543 - OpenCVE

Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service results in a momentary outage in a production environment. That can lead to memory corruption on the server.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Erudika	Scoold

Configuration 1 [-]

cpe:2.3:a:erudika:scoold:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/erudika/scoold/commit/62a0e92e1486ddc17676a7ead2c07ff653d167ce	Patch Third Party Advisory
https://huntr.dev/bounties/9889d435-3b9c-4e9d-93bc-5272e0723f9f	Exploit Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: @huntrdev

Published: 2022-04-29T18:10:09

Updated: 2022-04-29T18:10:09

Reserved: 2022-04-29T00:00:00

Link: CVE-2022-1543

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-04-29T18:15:08.843

Modified: 2022-05-11T13:35:57.023

Link: CVE-2022-1543

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "erudika/scoold", "vendor": "erudika", "versions": [{"lessThan": "1.49.4", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service results in a momentary outage in a production environment. That can lead to memory corruption on the server."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-130", "description": "CWE-130 Improper Handling of Length Parameter Inconsistency", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-04-29T18:10:09", "orgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "shortName": "@huntrdev"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://huntr.dev/bounties/9889d435-3b9c-4e9d-93bc-5272e0723f9f"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/erudika/scoold/commit/62a0e92e1486ddc17676a7ead2c07ff653d167ce"}], "source": {"advisory": "9889d435-3b9c-4e9d-93bc-5272e0723f9f", "discovery": "EXTERNAL"}, "title": "Improper handling of Length parameter in erudika/scoold", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@huntr.dev", "ID": "CVE-2022-1543", "STATE": "PUBLIC", "TITLE": "Improper handling of Length parameter in erudika/scoold"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "erudika/scoold", "version": {"version_data": [{"version_affected": "<", "version_value": "1.49.4"}]}}]}, "vendor_name": "erudika"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service results in a momentary outage in a production environment. That can lead to memory corruption on the server."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-130 Improper Handling of Length Parameter Inconsistency"}]}]}, "references": {"reference_data": [{"name": "https://huntr.dev/bounties/9889d435-3b9c-4e9d-93bc-5272e0723f9f", "refsource": "CONFIRM", "url": "https://huntr.dev/bounties/9889d435-3b9c-4e9d-93bc-5272e0723f9f"}, {"name": "https://github.com/erudika/scoold/commit/62a0e92e1486ddc17676a7ead2c07ff653d167ce", "refsource": "MISC", "url": "https://github.com/erudika/scoold/commit/62a0e92e1486ddc17676a7ead2c07ff653d167ce"}]}, "source": {"advisory": "9889d435-3b9c-4e9d-93bc-5272e0723f9f", "discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a", "assignerShortName": "@huntrdev", "cveId": "CVE-2022-1543", "datePublished": "2022-04-29T18:10:09", "dateReserved": "2022-04-29T00:00:00", "dateUpdated": "2022-04-29T18:10:09", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:erudika:scoold:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5AE1369-8484-493D-9DC2-6FE34C4E29BE", "versionEndExcluding": "1.49.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Improper handling of Length parameter in GitHub repository erudika/scoold prior to 1.49.4. When the text size is large enough the service results in a momentary outage in a production environment. That can lead to memory corruption on the server."}, {"lang": "es", "value": "Un Manejo Inapropiado del Par\u00e1metro Length en el repositorio de GitHub erudika/scoold versiones anteriores a 1.49.4. Cuando el tama\u00f1o del texto es lo suficientemente grande, el servicio resulta en una interrupci\u00f3n moment\u00e1nea en un entorno de producci\u00f3n. Esto puede conllevar a una corrupci\u00f3n de memoria en el servidor"}], "id": "CVE-2022-1543", "lastModified": "2022-05-11T13:35:57.023", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 4.7, "source": "security@huntr.dev", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-04-29T18:15:08.843", "references": [{"source": "security@huntr.dev", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/erudika/scoold/commit/62a0e92e1486ddc17676a7ead2c07ff653d167ce"}, {"source": "security@huntr.dev", "tags": ["Exploit", "Third Party Advisory"], "url": "https://huntr.dev/bounties/9889d435-3b9c-4e9d-93bc-5272e0723f9f"}], "sourceIdentifier": "security@huntr.dev", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-130"}], "source": "security@huntr.dev", "type": "Secondary"}]}