A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.
References
Link | Resource |
---|---|
https://hackerone.com/reports/1553598 | Exploit Third Party Advisory |
https://security.netapp.com/advisory/ntap-20220609-0009/ | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20220729-0004/ | Third Party Advisory |
https://www.oracle.com/security-alerts/cpujul2022.html | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
|
Configuration 9 (hide)
|
History
27 Mar 2024, 15:02
Type | Values Removed | Values Added |
---|---|---|
First Time |
Splunk
Splunk universal Forwarder |
|
CPE | cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:* cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:* |
28 Feb 2023, 15:42
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* | |
First Time |
Netapp h700s
|
19 Jan 2023, 02:39
Type | Values Removed | Values Added |
---|---|---|
First Time |
Netapp h500s
Netapph700s Netapp solidfire \& Hci Management Node Netapp h410s Netapp clustered Data Ontap Netapp hci Compute Node Netapp bh500s Firmware Netapp oncommand Insight Netapp hci Compute Node Firmware Netapp h300s Netapp snapcenter Netapp h410s Firmware Netapp active Iq Unified Manager Netapp h700s Firmware Netapp oncommand Workflow Automation Netapp Netapp h300s Firmware Oracle mysql Server Oracle Netapph700s - |
|
CPE | cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:hci_compute_node_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:bh500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:* cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:* cpe:2.3:h:netapph700s:-:*:*:*:*:*:*:*:* |
|
References | (N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Patch, Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20220729-0004/ - Third Party Advisory |
29 Jul 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Jul 2022, 18:22
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 Jun 2022, 15:40
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:haxx:curl:7.83.0:*:*:*:*:*:*:* |
10 Jun 2022, 18:49
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:* | |
First Time |
Haxx curl
Haxx |
|
CVSS |
v2 : v3 : |
v2 : 5.8
v3 : 8.1 |
CWE | CWE-706 | |
References | (MISC) https://hackerone.com/reports/1553598 - Exploit, Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20220609-0009/ - Third Party Advisory |
09 Jun 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
02 Jun 2022, 14:53
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-06-02 14:15
Updated : 2024-03-27 15:02
NVD link : CVE-2022-27778
Mitre link : CVE-2022-27778
CVE.ORG link : CVE-2022-27778
JSON object : View
Products Affected
netapp
- h700s_firmware
- oncommand_workflow_automation
- h700s
- solidfire_\&_hci_management_node
- oncommand_insight
- h300s_firmware
- hci_compute_node_firmware
- h500s
- snapcenter
- active_iq_unified_manager
- h410s_firmware
- hci_compute_node
- h410s
- h300s
- bh500s_firmware
- clustered_data_ontap
oracle
- mysql_server
haxx
- curl
splunk
- universal_forwarder
CWE
CWE-706
Use of Incorrectly-Resolved Name or Reference