The configuration backend allows an unauthenticated user to write arbitrary data with root privileges to the storage, which could lead to unauthenticated remote code execution and full system compromise.
References
Link | Resource |
---|---|
https://cert.vde.com/en/advisories/VDE-2022-060/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: CERTVDE
Published: 2023-02-27T14:36:39.448Z
Updated: 2023-02-27T14:36:39.448Z
Reserved: 2022-11-10T09:46:59.080Z
Link: CVE-2022-45140
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-02-27T15:15:11.503
Modified: 2023-03-07T21:49:30.787
Link: CVE-2022-45140
JSON object: View
Redhat Information
No data.
CWE