How severe is CVE-2022-0074?

CVE-2022-0074 has a CVSS v3 score of 8.8 (HIGH).

CVE-2022-0074

Name: openlitespeed
Author: litespeedtech

8.8HIGH

Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1

Опубликовано: 10/27/2022Обновлено: 11/21/2024

Описание

Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1.

ИИ-АнализНа базе ИИ

Затронутые продукты

litespeedtechopenlitespeed

Ссылки

https://github.com/litespeedtech/ols-dockerfiles/blob/master/template/Dockerfile#L29
ExploitThird Party Advisory
https://github.com/litespeedtech/ols-dockerfiles/blob/master/template/Dockerfile#L29
ExploitThird Party Advisory