CVE-2022-30625 Vulnerability Details

  /     /     /  

CVE-2022-30625 Metadata Quick Info

CVE Published: 18/07/2022 | CVE Updated: 17/09/2024 | CVE Year: 2022
Source: INCD | Vendor: Chcnav | Product: Chcnav - P5E GNSS
Status : PUBLISHED

---

CVE-2022-30625 Description

Directory listing is a web server function that displays the directory contents when there is no index file in a specific website directory. A directory listing provides an attacker with the complete index of all the resources located inside of the directory. The specific risks and consequences vary depending on which files are listed and accessible.

Metrics

CVSS Version: 3.1 | Base Score: 5.7 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

l➤ Exploitability Metrics:
    Attack Vector (AV)* LOCAL
    Attack Complexity (AC)* LOW
    Privileges Required (PR)* LOW
    User Interaction (UI)* REQUIRED
    Scope (S)* CHANGED

l➤ Impact Metrics:
    Confidentiality Impact (C)* LOW
    Integrity Impact (I)* LOW
    Availability Impact (A)* LOW

Weakness Enumeration (CWE)

CWE-ID: CWE-548
CWE Name: CWE-548 Information Exposure Through Directory Listing
Source: Chcnav

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).