CVE-2022-4818

Published: Dic 28, 2022 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2022-52095 Aliases: GSD-2022-4818
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,5
Source: [email protected]
Attack Vector: adjacent_network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: low
Availability: low

Description

AI Translation Available

A vulnerability was found in Talend Open Studio for MDM. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file org.talend.mdm.core/src/com/amalto/core/storage/SystemStorageWrapper.java. The manipulation leads to xml external entity reference. Upgrading to version 20221220_1938 is able to address this issue. The name of the patch is 95590db2ad6a582c371273ceab1a73ad6ed47853. It is recommended to upgrade the affected component. The identifier VDB-216997 was assigned to this vulnerability.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0038
Percentile
0,6th
Updated

EPSS Score Trend (Last 90 Days)

611

Improper Restriction of XML External Entity Reference

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Integrity Availability
Potential Impacts:
Read Application Data Read Files Or Directories Bypass Protection Mechanism Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory)
Applicable Platforms
Languages: Not Language-Specific, XML
Technologies: Not Technology-Specific, Web Based
View CWE Details
Application

Open Studio For Mdm by Talend

Product Information
Vendor Talend
Product Open Studio For Mdm
Version Range Affected
To 20221220_1938 (exclusive)
cpe:2.3:a:talend:open_studio_for_mdm:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://github.com/Talend/tmdm-server-se/commit/95590db2ad6…
Patch Third Party Advisory
https://github.com/Talend/tmdm-server-se/commit/95590db2ad6a582c371273ceab1a73a…
https://github.com/Talend/tmdm-server-se/pull/1598
Third Party Advisory
https://github.com/Talend/tmdm-server-se/pull/1598
https://github.com/Talend/tmdm-server-se/releases/tag/snap%…
Broken Link Third Party Advisory
https://github.com/Talend/tmdm-server-se/releases/tag/snap%2Fmaster%2F20221220_…
https://vuldb.com/?ctiid.216997
Third Party Advisory
https://vuldb.com/?ctiid.216997
https://vuldb.com/?id.216997
Third Party Advisory
https://vuldb.com/?id.216997
https://github.com/Talend/tmdm-server-se/commit/95590db2ad6…
Patch Third Party Advisory
https://github.com/Talend/tmdm-server-se/commit/95590db2ad6a582c371273ceab1a73a…
https://github.com/Talend/tmdm-server-se/pull/1598
Third Party Advisory
https://github.com/Talend/tmdm-server-se/pull/1598
https://github.com/Talend/tmdm-server-se/releases/tag/snap%…
Broken Link Third Party Advisory
https://github.com/Talend/tmdm-server-se/releases/tag/snap%2Fmaster%2F20221220_…
https://vuldb.com/?ctiid.216997
Third Party Advisory
https://vuldb.com/?ctiid.216997
https://vuldb.com/?id.216997
Third Party Advisory
https://vuldb.com/?id.216997