CVE Vulnerability

CVE-2022-1958

A vulnerability classified as critical has been found in FileCloud. Affected is an unknown function of the component NTFS Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. Upgrading to version 21.3.5.18513 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-201960.

4 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

Scope

6.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.filecloud.com/supportdocs/fcdoc/2v/server/security-advisories/2022-security-advisories/advisory-2022-06-01-potential-unauthorized-data-access-when-using-network-folders-with-ntfs-permissions Vendor Advisory
https://vuldb.com/?id.201960 Third Party Advisory
https://www.scip.ch/?news.20220615 Third Party Advisory
https://vuldb.com/?ctiid.201960 Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:filecloud:filecloud:*:*:*:*:*:*:*:*
Information

Published : 2022-06-15 10:15

Updated : 2023-02-23 05:39

NVD link : CVE-2022-1958

Mitre link : CVE-2022-1958

Products Affected
No products.
CWE
CWE-284