CVE-2022-2870 Vulnerability Details

  /     /     /  

CVE-2022-2870 Metadata Quick Info

CVE Published: 17/08/2022 | CVE Updated: 03/08/2024 | CVE Year: 2022
Source: VulDB | Vendor: unspecified | Product: laravel
Status : PUBLISHED

---

CVE-2022-2870 Description

A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206501 was assigned to this vulnerability.

Metrics

CVSS Version: 3.1 | Base Score: 4.1 MEDIUM
Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L

l➤ Exploitability Metrics:
    Attack Vector (AV)* NETWORK
    Attack Complexity (AC)* HIGH
    Privileges Required (PR)* HIGH
    User Interaction (UI)* NONE
    Scope (S)* UNCHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* LOW
    Integrity Impact (I)* LOW
    Availability Impact (A)* LOW

Weakness Enumeration (CWE)

CWE-ID: CWE-502
CWE Name: CWE-502 Deserialization
Source: unspecified

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).