Vulnerability Name: | CVE-2022-41032 (CCN-237317) | ||||||||||||||||||||||||
Assigned: | 2022-10-11 | ||||||||||||||||||||||||
Published: | 2022-10-11 | ||||||||||||||||||||||||
Updated: | 2022-12-02 | ||||||||||||||||||||||||
Summary: | NuGet Client Elevation of Privilege Vulnerability. | ||||||||||||||||||||||||
CVSS v3 Severity: | 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) 6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.8 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||||||||||||||
CVSS v2 Severity: | 6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
| ||||||||||||||||||||||||
Vulnerability Type: | CWE-524 | ||||||||||||||||||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2022-41032 Source: XF Type: UNKNOWN ms-dotnet-cve202241032-priv-esc(237317) Source: secure@microsoft.com Type: Mailing List, Third Party Advisory secure@microsoft.com Source: secure@microsoft.com Type: Mailing List, Third Party Advisory secure@microsoft.com Source: secure@microsoft.com Type: Mailing List, Third Party Advisory secure@microsoft.com Source: CCN Type: Microsoft Security TechCenter - October 2022 CVE-2022-41032 - NuGet Client Elevation of Privilege Vulnerability Source: secure@microsoft.com Type: Patch, Vendor Advisory secure@microsoft.com Source: CCN Type: IBM Security Bulletin 6853463 (Robotic Process Automation for Cloud Pak) Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak. | ||||||||||||||||||||||||
Vulnerable Configuration: | Configuration RedHat 1: Configuration CCN 1: ![]() | ||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||
| |||||||||||||||||||||||||
BACK |