Vulnerabilites related to bigantsoft - bigant_server
Vulnerability from fkie_nvd
Published
2022-03-21 20:15
Modified
2024-11-21 06:48
Severity ?
Summary
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bigant.com | Not Applicable, Product | |
| cve@mitre.org | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23345 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.bigantsoft.com/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bigant.com | Not Applicable, Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23345 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.bigantsoft.com/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigantsoft | bigant_server | 5.6.06 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control."
},
{
"lang": "es",
"value": "Se ha detectado que BigAnt Software BigAnt Server versi\u00f3n v5.6.06, contiene un control de acceso incorrecto"
}
],
"id": "CVE-2022-23345",
"lastModified": "2024-11-21T06:48:26.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-21T20:15:13.657",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Product"
],
"url": "http://bigant.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23345"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Product"
],
"url": "http://bigant.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-21 20:15
Modified
2024-11-21 06:48
Severity ?
Summary
BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bigant.com | Not Applicable, Product | |
| cve@mitre.org | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23348 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.bigantsoft.com/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bigant.com | Not Applicable, Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23348 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.bigantsoft.com/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigantsoft | bigant_server | 5.6.06 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes."
},
{
"lang": "es",
"value": "Se ha detectado que BigAnt Software BigAnt Server versi\u00f3n v5.6.06, usa hashes de contrase\u00f1as d\u00e9biles"
}
],
"id": "CVE-2022-23348",
"lastModified": "2024-11-21T06:48:26.830",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-21T20:15:13.787",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Product"
],
"url": "http://bigant.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23348"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Product"
],
"url": "http://bigant.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-916"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-05 02:15
Modified
2024-11-21 06:53
Severity ?
Summary
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bigant.com | Not Applicable | |
| cve@mitre.org | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-26281 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.bigantsoft.com/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bigant.com | Not Applicable | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-26281 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.bigantsoft.com/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigantsoft | bigant_server | 5.6.06 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue."
},
{
"lang": "es",
"value": "Se ha detectado que BigAnt Server versi\u00f3n v5.6.06, contiene un problema de control de acceso incorrecto"
}
],
"id": "CVE-2022-26281",
"lastModified": "2024-11-21T06:53:41.563",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-05T02:15:07.433",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "http://bigant.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-26281"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://bigant.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-26281"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-311"
},
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-21 20:15
Modified
2024-11-21 06:48
Severity ?
Summary
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bigant.com | Not Applicable, Product | |
| cve@mitre.org | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23350 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.bigantsoft.com/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bigant.com | Not Applicable, Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23350 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.bigantsoft.com/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigantsoft | bigant_server | 5.6.06 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability."
},
{
"lang": "es",
"value": "Se ha detectado que BigAnt Software BigAnt Server versi\u00f3n v5.6.06, contiene una vulnerabilidad de tipo cross-site scripting (XSS)"
}
],
"id": "CVE-2022-23350",
"lastModified": "2024-11-21T06:48:27.130",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-21T20:15:13.873",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Product"
],
"url": "http://bigant.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23350"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Product"
],
"url": "http://bigant.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-21 20:15
Modified
2024-11-21 06:48
Severity ?
Summary
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bigant.com | Not Applicable, Product | |
| cve@mitre.org | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23346 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.bigantsoft.com/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bigant.com | Not Applicable, Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23346 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.bigantsoft.com/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigantsoft | bigant_server | 5.6.06 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues."
},
{
"lang": "es",
"value": "Se ha detectado que BigAnt Software BigAnt Server versi\u00f3n v5.6.06, contiene problemas de control de acceso incorrectos"
}
],
"id": "CVE-2022-23346",
"lastModified": "2024-11-21T06:48:26.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-21T20:15:13.700",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Product"
],
"url": "http://bigant.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23346"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Product"
],
"url": "http://bigant.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-21 20:15
Modified
2024-11-21 06:48
Severity ?
Summary
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bigant.com | Not Applicable, Product | |
| cve@mitre.org | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23349 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.bigantsoft.com/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bigant.com | Not Applicable, Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23349 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.bigantsoft.com/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigantsoft | bigant_server | 5.6.06 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF)."
},
{
"lang": "es",
"value": "Se ha detectado que BigAnt Software BigAnt Server versi\u00f3n v5.6.06, contiene una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF)"
}
],
"id": "CVE-2022-23349",
"lastModified": "2024-11-21T06:48:26.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-21T20:15:13.830",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Product"
],
"url": "http://bigant.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23349"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Product"
],
"url": "http://bigant.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-21 20:15
Modified
2024-11-21 06:48
Severity ?
Summary
BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bigant.com | Not Applicable, Product | |
| cve@mitre.org | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.bigantsoft.com/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bigant.com | Not Applicable, Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.bigantsoft.com/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigantsoft | bigant_server | 5.6.06 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks."
},
{
"lang": "es",
"value": "Se ha detectado que BigAnt Software BigAnt Server versi\u00f3n v5.6.06, es vulnerable a ataques de salto de directorio"
}
],
"id": "CVE-2022-23347",
"lastModified": "2024-11-21T06:48:26.690",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-21T20:15:13.743",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Product"
],
"url": "http://bigant.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Product"
],
"url": "http://bigant.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-21 20:15
Modified
2024-11-21 06:48
Severity ?
Summary
An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://bigant.com | Not Applicable, Product | |
| cve@mitre.org | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23352 | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.bigantsoft.com/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://bigant.com | Not Applicable, Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23352 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.bigantsoft.com/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigantsoft | bigant_server | 5.6.06 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS)."
},
{
"lang": "es",
"value": "Un problema en BigAnt Software BigAnt Server versi\u00f3n v5.6.06, puede conllevar a una Denegaci\u00f3n de Servicio (DoS)"
}
],
"id": "CVE-2022-23352",
"lastModified": "2024-11-21T06:48:27.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-21T20:15:13.917",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Product"
],
"url": "http://bigant.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23352"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Product"
],
"url": "http://bigant.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.bigantsoft.com/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-835"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-03-03 20:30
Modified
2024-11-21 01:10
Severity ?
Summary
Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| bigantsoft | bigant_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bigantsoft:bigant_server:*:sp6:*:*:*:*:*:*",
"matchCriteriaId": "8917F1B4-BA51-42C7-A498-9C2752C03E2C",
"versionEndIncluding": "2.50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en BigAnt Server 2.50 SP6 y versiones anteriores permiten a atacantes remotos asistidos por el usuario provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) mediante un fichero XIP manipulado que no es manejado de manera adecuada cuando la victima usa el elemento de men\u00fa de la consola (1) Update o (2) Plug-In."
}
],
"id": "CVE-2009-4661",
"lastModified": "2024-11-21T01:10:09.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-03-03T20:30:00.523",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.exploit-db.com/exploits/9695"
},
{
"source": "cve@mitre.org",
"url": "http://www.exploit-db.com/exploits/9734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.exploit-db.com/exploits/9695"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.exploit-db.com/exploits/9734"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2022-23349
Vulnerability from cvelistv5
Published
2022-03-21 19:26
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF).
References
| ▼ | URL | Tags |
|---|---|---|
| http://bigant.com | x_refsource_MISC | |
| https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23349 | x_refsource_MISC | |
| https://www.bigantsoft.com/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23349"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bigantsoft.com/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-13T13:07:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23349"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bigantsoft.com/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-23349",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bigant.com",
"refsource": "MISC",
"url": "http://bigant.com"
},
{
"name": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23349",
"refsource": "MISC",
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23349"
},
{
"name": "https://www.bigantsoft.com/",
"refsource": "MISC",
"url": "https://www.bigantsoft.com/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23349",
"datePublished": "2022-03-21T19:26:28",
"dateReserved": "2022-01-18T00:00:00",
"dateUpdated": "2024-08-03T03:36:20.411Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23350
Vulnerability from cvelistv5
Published
2022-03-21 19:29
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| http://bigant.com | x_refsource_MISC | |
| https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23350 | x_refsource_MISC | |
| https://www.bigantsoft.com/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23350"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bigantsoft.com/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-13T13:07:10",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23350"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bigantsoft.com/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-23350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bigant.com",
"refsource": "MISC",
"url": "http://bigant.com"
},
{
"name": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23350",
"refsource": "MISC",
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23350"
},
{
"name": "https://www.bigantsoft.com/",
"refsource": "MISC",
"url": "https://www.bigantsoft.com/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23350",
"datePublished": "2022-03-21T19:29:34",
"dateReserved": "2022-01-18T00:00:00",
"dateUpdated": "2024-08-03T03:36:20.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-26281
Vulnerability from cvelistv5
Published
2022-04-05 01:50
Modified
2024-08-03 04:56
Severity ?
EPSS score ?
Summary
BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://bigant.com | x_refsource_MISC | |
| https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-26281 | x_refsource_MISC | |
| https://www.bigantsoft.com/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:56:37.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-26281"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bigantsoft.com/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-13T13:07:29",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-26281"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bigantsoft.com/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-26281",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bigant.com",
"refsource": "MISC",
"url": "http://bigant.com"
},
{
"name": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-26281",
"refsource": "MISC",
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-26281"
},
{
"name": "https://www.bigantsoft.com/",
"refsource": "MISC",
"url": "https://www.bigantsoft.com/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-26281",
"datePublished": "2022-04-05T01:50:35",
"dateReserved": "2022-02-28T00:00:00",
"dateUpdated": "2024-08-03T04:56:37.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23347
Vulnerability from cvelistv5
Published
2022-03-21 19:23
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks.
References
| ▼ | URL | Tags |
|---|---|---|
| http://bigant.com | x_refsource_MISC | |
| https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347 | x_refsource_MISC | |
| https://www.bigantsoft.com/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.364Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bigantsoft.com/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-13T13:06:41",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bigantsoft.com/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-23347",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bigant.com",
"refsource": "MISC",
"url": "http://bigant.com"
},
{
"name": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347",
"refsource": "MISC",
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347"
},
{
"name": "https://www.bigantsoft.com/",
"refsource": "MISC",
"url": "https://www.bigantsoft.com/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23347",
"datePublished": "2022-03-21T19:23:37",
"dateReserved": "2022-01-18T00:00:00",
"dateUpdated": "2024-08-03T03:36:20.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-4661
Vulnerability from cvelistv5
Published
2010-03-03 20:00
Modified
2024-08-07 07:08
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.exploit-db.com/exploits/9695 | exploit, x_refsource_EXPLOIT-DB | |
| http://www.exploit-db.com/exploits/9734 | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:08:38.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9695",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/9695"
},
{
"name": "9734",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/9734"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9695",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/9695"
},
{
"name": "9734",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/9734"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4661",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9695",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9695"
},
{
"name": "9734",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9734"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4661",
"datePublished": "2010-03-03T20:00:00",
"dateReserved": "2010-03-03T00:00:00",
"dateUpdated": "2024-08-07T07:08:38.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23346
Vulnerability from cvelistv5
Published
2022-03-21 19:39
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues.
References
| ▼ | URL | Tags |
|---|---|---|
| http://bigant.com | x_refsource_MISC | |
| https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23346 | x_refsource_MISC | |
| https://www.bigantsoft.com/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.384Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23346"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bigantsoft.com/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-13T13:06:34",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23346"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bigantsoft.com/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-23346",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bigant.com",
"refsource": "MISC",
"url": "http://bigant.com"
},
{
"name": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23346",
"refsource": "MISC",
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23346"
},
{
"name": "https://www.bigantsoft.com/",
"refsource": "MISC",
"url": "https://www.bigantsoft.com/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23346",
"datePublished": "2022-03-21T19:39:32",
"dateReserved": "2022-01-18T00:00:00",
"dateUpdated": "2024-08-03T03:36:20.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23345
Vulnerability from cvelistv5
Published
2022-03-21 19:42
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control.
References
| ▼ | URL | Tags |
|---|---|---|
| http://bigant.com | x_refsource_MISC | |
| https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23345 | x_refsource_MISC | |
| https://www.bigantsoft.com/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.449Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23345"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bigantsoft.com/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-13T13:06:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23345"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bigantsoft.com/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-23345",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bigant.com",
"refsource": "MISC",
"url": "http://bigant.com"
},
{
"name": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23345",
"refsource": "MISC",
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23345"
},
{
"name": "https://www.bigantsoft.com/",
"refsource": "MISC",
"url": "https://www.bigantsoft.com/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23345",
"datePublished": "2022-03-21T19:42:29",
"dateReserved": "2022-01-18T00:00:00",
"dateUpdated": "2024-08-03T03:36:20.449Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23352
Vulnerability from cvelistv5
Published
2022-03-21 19:35
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).
References
| ▼ | URL | Tags |
|---|---|---|
| http://bigant.com | x_refsource_MISC | |
| https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23352 | x_refsource_MISC | |
| https://www.bigantsoft.com/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.407Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23352"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bigantsoft.com/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-13T13:07:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23352"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bigantsoft.com/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-23352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bigant.com",
"refsource": "MISC",
"url": "http://bigant.com"
},
{
"name": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23352",
"refsource": "MISC",
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23352"
},
{
"name": "https://www.bigantsoft.com/",
"refsource": "MISC",
"url": "https://www.bigantsoft.com/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23352",
"datePublished": "2022-03-21T19:35:48",
"dateReserved": "2022-01-18T00:00:00",
"dateUpdated": "2024-08-03T03:36:20.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23348
Vulnerability from cvelistv5
Published
2022-03-21 19:33
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes.
References
| ▼ | URL | Tags |
|---|---|---|
| http://bigant.com | x_refsource_MISC | |
| https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23348 | x_refsource_MISC | |
| https://www.bigantsoft.com/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.392Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23348"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bigantsoft.com/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-13T13:06:53",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://bigant.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23348"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bigantsoft.com/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-23348",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://bigant.com",
"refsource": "MISC",
"url": "http://bigant.com"
},
{
"name": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23348",
"refsource": "MISC",
"url": "https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23348"
},
{
"name": "https://www.bigantsoft.com/",
"refsource": "MISC",
"url": "https://www.bigantsoft.com/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23348",
"datePublished": "2022-03-21T19:33:00",
"dateReserved": "2022-01-18T00:00:00",
"dateUpdated": "2024-08-03T03:36:20.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}