cvelistv5 - cve-2022-45797

cve-2022-45797

Vulnerability from cvelistv5

Published

2022-12-01 14:12

Modified

2024-08-03 14:17

Severity ?

Summary

An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

References

▼	URL	Tags
	security@trendmicro.com	https://success.trendmicro.com/solution/000291830	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://success.trendmicro.com/solution/000291830	Vendor Advisory

Impacted products

Vendor

Product

Version

▼

Trend Micro, Inc.

Trend Micro Apex One

Version: On Premise (14.0) ≤
Version: SaaS (14.0) ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T14:17:04.037Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000291830"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Apex One",
          "vendor": "Trend Micro, Inc.",
          "versions": [
            {
              "lessThan": "14.0.0.11136",
              "status": "affected",
              "version": "On Premise (14.0)",
              "versionType": "semver"
            },
            {
              "lessThan": "14.0.11840",
              "status": "affected",
              "version": "SaaS (14.0)",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-12T01:49:10.008967Z",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "url": "https://success.trendmicro.com/solution/000291830"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2022-45797",
    "datePublished": "2022-12-01T14:12:42.349Z",
    "dateReserved": "2022-11-22T18:47:23.595Z",
    "dateUpdated": "2024-08-03T14:17:04.037Z",
    "requesterUserId": "991278ee-fac5-4c3e-9a99-335119fe6921",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-45797\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2022-12-12T09:15:12.840\",\"lastModified\":\"2024-11-21T07:29:44.403\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations.\\r\\n\\r\\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de eliminaci\u00f3n arbitraria de archivos en el componente Damage Cleanup Engine de Trend Micro Apex One y Trend Micro Apex One as a Service podr\u00eda permitir a un atacante local escalar privilegios y eliminar archivos en las instalaciones afectadas. Tenga en cuenta: un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:apex_one:-:*:*:*:saas:*:*:*\",\"matchCriteriaId\":\"97D177B6-2542-4D3D-873D-0243DEE3F0A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:-:*:*:*\",\"matchCriteriaId\":\"625B375C-C25B-4739-BD1A-BD2969CB3AF6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://success.trendmicro.com/solution/000291830\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://success.trendmicro.com/solution/000291830\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

gsd-2022-45797

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2022-45797

Aliases

CVE-2022-45797

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-45797",
    "description": "An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
    "id": "GSD-2022-45797"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-45797"
      ],
      "details": "An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
      "id": "GSD-2022-45797",
      "modified": "2023-12-13T01:19:24.540869Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@trendmicro.com",
        "ID": "CVE-2022-45797",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Trend Micro Apex One",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "On Premise (14.0)"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "SaaS (14.0)"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Trend Micro, Inc."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://success.trendmicro.com/solution/000291830",
            "refsource": "MISC",
            "url": "https://success.trendmicro.com/solution/000291830"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:-:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:apex_one:-:*:*:*:saas:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2022-45797"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000291830",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://success.trendmicro.com/solution/000291830"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.2
        }
      },
      "lastModifiedDate": "2022-12-13T22:12Z",
      "publishedDate": "2022-12-12T09:15Z"
    }
  }
}

wid-sec-w-2022-2227

Vulnerability from csaf_certbund

Published

2022-12-05 23:00

Modified

2023-02-09 23:00

Summary

Trend Micro Apex One: Mehrere Schwachstellen ermöglichen Löschen von Dateien

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Trend Micro Apex One ist eine Endpoint-Security Lösung.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Trend Micro Apex One ausnutzen, um Dateien zu löschen.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Trend Micro Apex One ist eine Endpoint-Security L\u00f6sung.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Trend Micro Apex One ausnutzen, um Dateien zu l\u00f6schen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2022-2227 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2227.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2022-2227 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2227"
      },
      {
        "category": "external",
        "summary": "Trendmicro Security Bulletin",
        "url": "https://success.trendmicro.com/dcx/s/solution/000292202"
      },
      {
        "category": "external",
        "summary": "Trend Micro Security Bulletin vom 2022-12-05",
        "url": "https://success.trendmicro.com/dcx/s/solution/000291830?language=en_US"
      }
    ],
    "source_lang": "en-US",
    "title": "Trend Micro Apex One: Mehrere Schwachstellen erm\u00f6glichen L\u00f6schen von Dateien",
    "tracking": {
      "current_release_date": "2023-02-09T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:39:10.137+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2022-2227",
      "initial_release_date": "2022-12-05T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2022-12-05T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2023-02-09T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Trend Micro aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Trend Micro Apex One \u003c 2019 SP1 CP b11136",
                "product": {
                  "name": "Trend Micro Apex One \u003c 2019 SP1 CP b11136",
                  "product_id": "T025489",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:trendmicro:apex_one:2019_sp1_cp_b11136"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Trend Micro Apex One \u003c 202211  Agent 14.0.11840",
                "product": {
                  "name": "Trend Micro Apex One \u003c 202211  Agent 14.0.11840",
                  "product_id": "T025490",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:trendmicro:apex_one:202211__agent_14.0.11840"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Apex One"
          },
          {
            "category": "product_name",
            "name": "Trend Micro Worry-Free Business Security \u003c 10.0 SP1 Patch 2454",
            "product": {
              "name": "Trend Micro Worry-Free Business Security \u003c 10.0 SP1 Patch 2454",
              "product_id": "T026214",
              "product_identification_helper": {
                "cpe": "cpe:/a:trendmicro:worry-free_business_security:10.0_sp1_patch_2454"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Trend Micro"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-45798",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Trend Micro Apex One. Ein Problem in der Komponente Damage Cleanup Engine erm\u00f6glicht einem lokalen Angreifer, seine Rechte zu erweitern, indem er einen symbolischen Link erstellt und den Dienst zum L\u00f6schen einer Datei missbraucht."
        }
      ],
      "product_status": {
        "known_affected": [
          "T026214"
        ]
      },
      "release_date": "2022-12-05T23:00:00.000+00:00",
      "title": "CVE-2022-45798"
    },
    {
      "cve": "CVE-2022-45797",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in Trend Micro Apex One. Ein Problem in der Damage Cleanup Engine Komponente erm\u00f6glicht es einem lokalen Angreifer, seine Rechte zu erweitern und Dateien auf betroffenen Installationen zu l\u00f6schen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T026214"
        ]
      },
      "release_date": "2022-12-05T23:00:00.000+00:00",
      "title": "CVE-2022-45797"
    }
  ]
}

cve-2022-45797

Vulnerability from jvndb

Published

2022-12-26 16:21

Modified

2024-05-30 17:47

Severity ?

7.8 (High) - cvssV3_0 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service

Details

Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

References

▼	Type	URL
	JVN	https://jvn.jp/en/vu/JVNVU96679793/index.html
	JVN	http://jvn.jp/en/vu/JVNVU91848962/index.html
	CVE	https://www.cve.org/CVERecord?id=CVE-2022-45797
	CVE	https://www.cve.org/CVERecord?id=CVE-2022-45798
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-45797
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-45798
	Link Following(CWE-59)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
	No Mapping(CWE-noinfo)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

▼	Vendor	Product
	Trend Micro, Inc.	Apex One

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002836.html",
  "dc:date": "2024-05-30T17:47+09:00",
  "dcterms:issued": "2022-12-26T16:21+09:00",
  "dcterms:modified": "2024-05-30T17:47+09:00",
  "description": "Trend Micro Incorporated has released security updates for Apex One and Apex One as a Service.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2022/JVNDB-2022-002836.html",
  "sec:cpe": {
    "#text": "cpe:/a:trendmicro:apex_one",
    "@product": "Apex One",
    "@vendor": "Trend Micro, Inc.",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "7.8",
    "@severity": "High",
    "@type": "Base",
    "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "@version": "3.0"
  },
  "sec:identifier": "JVNDB-2022-002836",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU96679793/index.html",
      "@id": "JVNVU#96679793",
      "@source": "JVN"
    },
    {
      "#text": "http://jvn.jp/en/vu/JVNVU91848962/index.html",
      "@id": "JVNVU#91848962",
      "@source": "JVN"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-45797",
      "@id": "CVE-2022-45797",
      "@source": "CVE"
    },
    {
      "#text": "https://www.cve.org/CVERecord?id=CVE-2022-45798",
      "@id": "CVE-2022-45798",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-45797",
      "@id": "CVE-2022-45797",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-45798",
      "@id": "CVE-2022-45798",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-59",
      "@title": "Link Following(CWE-59)"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-noinfo",
      "@title": "No Mapping(CWE-noinfo)"
    }
  ],
  "title": "Multiple vulnerabilities in Trend Micro Apex One and Apex One as a Service"
}

ghsa-6wwx-mc3p-m6jg

Vulnerability from github

Published

2022-12-12 09:30

Modified

2022-12-14 00:30

Severity ?

7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-45797"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-12T09:15:00Z",
    "severity": "HIGH"
  },
  "details": "An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
  "id": "GHSA-6wwx-mc3p-m6jg",
  "modified": "2022-12-14T00:30:23Z",
  "published": "2022-12-12T09:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45797"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/solution/000291830"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2022-45797

Vulnerability from cvelistv5

gsd-2022-45797

Vulnerability from gsd

wid-sec-w-2022-2227

Vulnerability from csaf_certbund

cve-2022-45797

Vulnerability from jvndb

ghsa-6wwx-mc3p-m6jg

Vulnerability from github

Tags

Sightings

Nomenclature