CVE-2022-28478 - Vulnerability Details - OpenCVE

SeedDMS 6.0.17 and 5.1.24 are vulnerable to Directory Traversal. The "Remove file" functionality inside the "Log files management" menu does not sanitize user input allowing attackers with admin privileges to delete arbitrary files on the remote system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Seeddms	Seeddms

Configuration 1 [-]

OR	cpe:2.3:a:seeddms:seeddms:5.1.24:::::::*
	cpe:2.3:a:seeddms:seeddms:6.0.17:::::::*

No data.

References

Link	Providers
https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28478
https://sourceforge.net/p/seeddms/code/ci/d68c922152e8a8060dd7fc3ebdd7af685e270e36/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-06-06T22:17:28

Updated: 2024-08-03T05:56:15.235Z

Reserved: 2022-04-04T00:00:00

Link: CVE-2022-28478

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-06-06T23:15:08.167

Modified: 2024-11-21T06:57:24.503

Link: CVE-2022-28478

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "SeedDMS 6.0.17 and 5.1.24 are vulnerable to Directory Traversal. The \"Remove file\" functionality inside the \"Log files management\" menu does not sanitize user input allowing attackers with admin privileges to delete arbitrary files on the remote system."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-06-06T22:17:28", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://sourceforge.net/p/seeddms/code/ci/d68c922152e8a8060dd7fc3ebdd7af685e270e36/"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28478"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-28478", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "SeedDMS 6.0.17 and 5.1.24 are vulnerable to Directory Traversal. The \"Remove file\" functionality inside the \"Log files management\" menu does not sanitize user input allowing attackers with admin privileges to delete arbitrary files on the remote system."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://sourceforge.net/p/seeddms/code/ci/d68c922152e8a8060dd7fc3ebdd7af685e270e36/", "refsource": "MISC", "url": "https://sourceforge.net/p/seeddms/code/ci/d68c922152e8a8060dd7fc3ebdd7af685e270e36/"}, {"name": "https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28478", "refsource": "MISC", "url": "https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28478"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:56:15.235Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://sourceforge.net/p/seeddms/code/ci/d68c922152e8a8060dd7fc3ebdd7af685e270e36/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28478"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-28478", "datePublished": "2022-06-06T22:17:28", "dateReserved": "2022-04-04T00:00:00", "dateUpdated": "2024-08-03T05:56:15.235Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:seeddms:seeddms:5.1.24:*:*:*:*:*:*:*", "matchCriteriaId": "B55E788C-44FB-43EE-B20B-7E4410C0A56E", "vulnerable": true}, {"criteria": "cpe:2.3:a:seeddms:seeddms:6.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "54859E66-8CDB-4DC6-B5BA-13DCBC4FDD83", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "SeedDMS 6.0.17 and 5.1.24 are vulnerable to Directory Traversal. The \"Remove file\" functionality inside the \"Log files management\" menu does not sanitize user input allowing attackers with admin privileges to delete arbitrary files on the remote system."}, {"lang": "es", "value": "SeedDMS versiones 6.0.17 y 5.1.24, son vulnerables a un Salto de Directorio. La funcionalidad \"Remove file\" dentro del men\u00fa \"Log files management\" no sanea la entrada del usuario, lo que permite a atacantes con privilegios de administrador eliminar archivos arbitrarios en el sistema remoto"}], "id": "CVE-2022-28478", "lastModified": "2024-11-21T06:57:24.503", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-06-06T23:15:08.167", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28478"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://sourceforge.net/p/seeddms/code/ci/d68c922152e8a8060dd7fc3ebdd7af685e270e36/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28478"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://sourceforge.net/p/seeddms/code/ci/d68c922152e8a8060dd7fc3ebdd7af685e270e36/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}