CVE-2022-4564

Published: Dic 16, 2022 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2022-51899 Aliases: GSD-2022-4564
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 4,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: none
Integrity: low
Availability: none

Description

AI Translation Available

A vulnerability classified as problematic has been found in University of Central Florida Materia up to 9.0.0. This affects the function before of the file fuel/app/classes/controller/api.php of the component API Controller. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 9.0.1-alpha1 is able to address this issue. The name of the patch is af259115d2e8f17068e61902151ee8a9dbac397b. It is recommended to upgrade the affected component. The identifier VDB-215973 was assigned to this vulnerability.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0021
Percentile
0,4th
Updated

EPSS Score Trend (Last 91 Days)

352

Cross-Site Request Forgery (CSRF)

Stable
Abstraction: Compound Structure: Composite
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Availability Non-Repudiation Access Control
Potential Impacts:
Gain Privileges Or Assume Identity Bypass Protection Mechanism Read Application Data Modify Application Data Dos: Crash, Exit, Or Restart
Applicable Platforms
Technologies: Web Based, Web Server
Likelihood of Exploit: Medium
View CWE Details
Application

Materia by Ucf

Product Information
Vendor Ucf
Product Materia
Version Range Affected
To 9.0.0 (inclusive)
cpe:2.3:a:ucf:materia:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://github.com/ucfopen/Materia/commit/af259115d2e8f1706…
Patch
https://github.com/ucfopen/Materia/commit/af259115d2e8f17068e61902151ee8a9dbac3…
https://github.com/ucfopen/Materia/pull/1371
Patch
https://github.com/ucfopen/Materia/pull/1371
https://github.com/ucfopen/Materia/releases/tag/v9.0.1-alph…
Release Notes
https://github.com/ucfopen/Materia/releases/tag/v9.0.1-alpha1
https://vuldb.com/?id.215973
Permissions Required Third Party Advisory
https://vuldb.com/?id.215973
https://github.com/ucfopen/Materia/commit/af259115d2e8f1706…
Patch
https://github.com/ucfopen/Materia/commit/af259115d2e8f17068e61902151ee8a9dbac3…
https://github.com/ucfopen/Materia/pull/1371
Patch
https://github.com/ucfopen/Materia/pull/1371
https://github.com/ucfopen/Materia/releases/tag/v9.0.1-alph…
Release Notes
https://github.com/ucfopen/Materia/releases/tag/v9.0.1-alpha1
https://vuldb.com/?id.215973
Permissions Required Third Party Advisory
https://vuldb.com/?id.215973