CVE-2022-45182

EPSS 1.08%
Veröffentlicht 11.11.2022 20:15:19
Zuletzt bearbeitet 01.05.2025 14:15:34
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the module parameter.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Pistar ≫ Pi-star Digital Voice Dashboard Version < 2022-10-03

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.08%	0.771

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-233 Improper Handling of Parameters

The product does not properly handle when the expected number of parameters, fields, or arguments is not provided in input, or if those parameters are undefined.

https://github.com/AndyTaylorTweet/Pi-Star_DV_Dash/commit/0ad7d00210fc2c0eb7073e5ed429ac265ccfebbd

Patch

Third Party Advisory

https://github.com/AndyTaylorTweet/Pi-Star_DV_Dash/commit/1e46533f4051648bc40478d99201f19241bbaa41

Patch

Third Party Advisory

https://github.com/AndyTaylorTweet/Pi-Star_DV_Dash/commit/5aa194df3dfc92cc21f6604bbda32268f4a624ce

Patch

Third Party Advisory

https://github.com/AndyTaylorTweet/Pi-Star_DV_Dash/issues/169

Third Party Advisory

Issue Tracking