FKIE_CVE-2022-1289
Vulnerability from fkie_nvd - Published: 2022-04-10 16:15 - Updated: 2024-11-21 06:40
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
A denial of service vulnerability was found in tildearrow Furnace. It has been classified as problematic. This is due to an incomplete fix of CVE-2022-1211. It is possible to initiate the attack remotely but it requires user interaction. The issue got fixed with the patch 0eb02422d5161767e9983bdaa5c429762d3477ce.
References
| URL | Tags | ||
|---|---|---|---|
| cna@vuldb.com | https://github.com/tildearrow/furnace/commit/0eb02422d5161767e9983bdaa5c429762d3477ce | Patch, Third Party Advisory | |
| cna@vuldb.com | https://github.com/tildearrow/furnace/issues/325#issuecomment-1094139655 | Exploit, Issue Tracking, Third Party Advisory | |
| cna@vuldb.com | https://vuldb.com/?id.196755 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/tildearrow/furnace/commit/0eb02422d5161767e9983bdaa5c429762d3477ce | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/tildearrow/furnace/issues/325#issuecomment-1094139655 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?id.196755 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tildearrow:furnace:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CFFA314-6943-4498-B845-E1A1ABCE4E31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E015EA7E-4720-4757-96E9-5260CFBC1043",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E776BB42-A08E-4F3C-947D-332DCB2CBF88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "051B2A23-EDCF-4539-9CA8-E5714F6F6DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE66467-B30B-4B77-BB41-6A4C647E457B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D42E6328-AF1D-45D9-9DBB-382E8EDE3E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E76E15CA-9D90-4B4C-B987-E8608AA60236",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F20B01FD-07A2-4D09-AAE5-11E464D4454B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50763220-BBF6-4CB5-8E05-150B53714F61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AAB16783-A272-4E66-AF78-17B024DCEA88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6689F024-5C0F-42DC-B048-20268EBE49AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC4CEB4-803F-4D09-905C-270617E56336",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.4.5:real:*:*:*:*:*:*",
"matchCriteriaId": "7ADEB444-C64D-48EF-8F4E-BA88BD8509B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B0A54674-881E-4448-83A8-9FF06E58ECCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7F8660DE-0B05-48C0-80D5-970EFA31E9F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDBEA41-070A-43B9-A2C6-C168D3C70AE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76BA3B0D-EDC6-4B79-8DDC-09360E93F6C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B25DEC4B-7531-40D8-B476-7C9FE8762515",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA49882-11C5-4F54-AEEE-415F3DC68406",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "198DFD86-6858-41F0-8AA5-CC85F1A27E92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "767CA8B0-9454-4F06-A12E-D7C4555E8BBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E33824AB-E32F-4F82-9E51-138B3183DA80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.5.7:-:*:*:*:*:*:*",
"matchCriteriaId": "541CF21B-7719-42CB-97F1-CB7AF2F77FA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.5.7:pre4:*:*:*:*:*:*",
"matchCriteriaId": "CD522023-C8DF-4BEA-911F-DE65428FCF34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B8952D4C-334E-43D6-B6B8-0E9EC7F2253B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:0.6:pre0:*:*:*:*:*:*",
"matchCriteriaId": "3F99C267-EA7C-4ADA-8BE9-7E51D143B5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev5:*:*:*:*:*:*:*",
"matchCriteriaId": "73F24C96-A83E-4F53-B852-9262C7CFC387",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev6:*:*:*:*:*:*:*",
"matchCriteriaId": "9B5A5017-B4F4-480E-9CED-ADF09100A4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev7:*:*:*:*:*:*:*",
"matchCriteriaId": "A726A198-CBBD-4FAE-B3D7-C51F0F3D10B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev8:*:*:*:*:*:*:*",
"matchCriteriaId": "05E6200E-5061-4F71-9FD8-E19F9F6D2557",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev9:*:*:*:*:*:*:*",
"matchCriteriaId": "9934631B-564C-4823-B509-75DA02940CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev10:*:*:*:*:*:*:*",
"matchCriteriaId": "2FEAE377-ED50-4A3B-971A-BDB1780EE242",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev62:*:*:*:*:*:*:*",
"matchCriteriaId": "065CEC21-3C18-476F-B714-E2F20233F296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev63:*:*:*:*:*:*:*",
"matchCriteriaId": "9D67EC62-0FFD-4951-BA17-633DCD5C65C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev64:*:*:*:*:*:*:*",
"matchCriteriaId": "87E9A121-6A91-4636-8453-3CFC6FA24B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev65:*:*:*:*:*:*:*",
"matchCriteriaId": "67EFBF91-2CF9-4095-B8DF-425AE1917A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev66:*:*:*:*:*:*:*",
"matchCriteriaId": "C1D41EEE-621B-4366-9097-27EF1472B38A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev67:*:*:*:*:*:*:*",
"matchCriteriaId": "7CAF3983-5034-4095-9221-C464EBE6A0D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev68:*:*:*:*:*:*:*",
"matchCriteriaId": "A145138D-19AB-4290-B145-DBB9DFB025D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev69:*:*:*:*:*:*:*",
"matchCriteriaId": "3F812509-1F77-4024-85EB-CDD325BFCE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev70:*:*:*:*:*:*:*",
"matchCriteriaId": "F60A5D1D-4B4C-4B67-B541-A5F14ACB820A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev71:*:*:*:*:*:*:*",
"matchCriteriaId": "45C270A3-E380-4022-861D-6697DB73D895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev72:*:*:*:*:*:*:*",
"matchCriteriaId": "7A015763-407E-4283-9A39-4CFB9D699110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev73:*:*:*:*:*:*:*",
"matchCriteriaId": "48D91A45-1102-4081-BBEC-ED6CD9DF6689",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev75:*:*:*:*:*:*:*",
"matchCriteriaId": "7F9BFF65-6CB4-4466-B8C1-3584FEBCB626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev76:*:*:*:*:*:*:*",
"matchCriteriaId": "CDB48FE2-3476-4180-8754-724A153DF5C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev77:*:*:*:*:*:*:*",
"matchCriteriaId": "0B8C8373-5E16-493C-B736-26C2676782D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev78:*:*:*:*:*:*:*",
"matchCriteriaId": "37EF1C85-71ED-4592-AF40-88CA608761F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev79:*:*:*:*:*:*:*",
"matchCriteriaId": "73FED9B5-3C85-4C59-B2F7-AC96439A52D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tildearrow:furnace:dev80:*:*:*:*:*:*:*",
"matchCriteriaId": "E53F9DDD-249D-4BD1-8AC9-D361508E8487",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability was found in tildearrow Furnace. It has been classified as problematic. This is due to an incomplete fix of CVE-2022-1211. It is possible to initiate the attack remotely but it requires user interaction. The issue got fixed with the patch 0eb02422d5161767e9983bdaa5c429762d3477ce."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de denegaci\u00f3n de servicio en tildearrow Furnace. Ha sido clasificada como problem\u00e1tica. Esto es debido a una correcci\u00f3n incompleta de CVE-2022-1211. Es posible iniciar el ataque de forma remota, pero requiere una interacci\u00f3n del usuario. El problema ha sido corregido con el parche 0eb02422d5161767e9983bdaa5c429762d3477ce"
}
],
"id": "CVE-2022-1289",
"lastModified": "2024-11-21T06:40:25.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-10T16:15:07.847",
"references": [
{
"source": "cna@vuldb.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/tildearrow/furnace/commit/0eb02422d5161767e9983bdaa5c429762d3477ce"
},
{
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/tildearrow/furnace/issues/325#issuecomment-1094139655"
},
{
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
],
"url": "https://vuldb.com/?id.196755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/tildearrow/furnace/commit/0eb02422d5161767e9983bdaa5c429762d3477ce"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/tildearrow/furnace/issues/325#issuecomment-1094139655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://vuldb.com/?id.196755"
}
],
"sourceIdentifier": "cna@vuldb.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "cna@vuldb.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…