1. CVE-Search
  2. CVE-2022-20796
ID CVE-2022-20796
Summary On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog.
References
Vulnerable Configurations
  • cpe:2.3:a:clamav:clamav:0.103.4:*:*:*:*:*:*:*
    cpe:2.3:a:clamav:clamav:0.103.4:*:*:*:*:*:*:*
  • cpe:2.3:a:clamav:clamav:0.103.5:*:*:*:*:*:*:*
    cpe:2.3:a:clamav:clamav:0.103.5:*:*:*:*:*:*:*
  • cpe:2.3:a:clamav:clamav:0.104.1:*:*:*:*:*:*:*
    cpe:2.3:a:clamav:clamav:0.104.1:*:*:*:*:*:*:*
  • cpe:2.3:a:clamav:clamav:0.104.2:*:*:*:*:*:*:*
    cpe:2.3:a:clamav:clamav:0.104.2:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:secure_endpoint:-:*:*:*:*:windows:*:*
    cpe:2.3:a:cisco:secure_endpoint:-:*:*:*:*:windows:*:*
  • cpe:2.3:a:cisco:secure_endpoint:-:*:*:*:*:macos:*:*
    cpe:2.3:a:cisco:secure_endpoint:-:*:*:*:*:macos:*:*
  • cpe:2.3:a:cisco:secure_endpoint:1.18.0:*:*:*:*:macos:*:*
    cpe:2.3:a:cisco:secure_endpoint:1.18.0:*:*:*:*:macos:*:*
  • cpe:2.3:a:cisco:secure_endpoint:1.18.1:*:*:*:*:macos:*:*
    cpe:2.3:a:cisco:secure_endpoint:1.18.1:*:*:*:*:macos:*:*
  • cpe:2.3:a:cisco:secure_endpoint:1.18.0:*:*:*:*:linux:*:*
    cpe:2.3:a:cisco:secure_endpoint:1.18.0:*:*:*:*:linux:*:*
  • cpe:2.3:a:cisco:secure_endpoint:1.18.1:*:*:*:*:linux:*:*
    cpe:2.3:a:cisco:secure_endpoint:1.18.1:*:*:*:*:linux:*:*
  • cpe:2.3:a:cisco:secure_endpoint:-:*:*:*:*:linux:*:*
    cpe:2.3:a:cisco:secure_endpoint:-:*:*:*:*:linux:*:*
  • cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
CVSS
Base: 4.9 (as of 01-10-2023 - 11:15)
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:C
Last major update 01-10-2023 - 11:15
Published 04-05-2022 - 17:15
Last modified 01-10-2023 - 11:15
Back to Top