CVE Details for CVE: CVE-2022-25318
Summary
An issue was discovered in Cerebrate through 1.4. An incorrect sharing group ACL allowed an unprivileged user to edit and modify sharing groups.
Timestamps
Last major update 25-02-2022 - 15:34
Published 18-02-2022 - 06:15
Last modified 25-02-2022 - 15:34
Vulnerable Configurations
  • cpe:2.3:a:cerebrate-project:cerebrate:*:*:*:*:*:*:*:*
    cpe:2.3:a:cerebrate-project:cerebrate:*:*:*:*:*:*:*:*
CAPEC
Click the CAPEC title to display a description
CWE
CVSS
Base
4.0
Impact
2.9
Exploitability
8.0
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
CVSS3
Base
4.3
Impact
1.4
Exploitability
2.8
Access
Attack ComplexityAttack vectorPrivileges RequiredScopeUser Interaction
LOW NETWORK LOW UNCHANGED NONE
Impact
ConfidentialityIntegrityAvailability
NONE LOW NONE
VIA4 references
cvss-vector via4
AV:N/AC:L/Au:S/C:N/I:P/A:N
cvss3-vector via4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N