CVE-2022-1958

Published: Jun 15, 2022Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

A vulnerability classified as critical has been found in FileCloud. Affected is an unknown function of the component NTFS Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. Upgrading to version 21.3.5.18513 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-201960.

Affected (1)

Products: Filecloud: Filecloud

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Filecloud Filecloud	From 21.2 to 21.3.5.18513

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (8)

https://vuldb.com/?ctiid.201960

Source: cna@vuldb.com

Third Party Advisory

https://vuldb.com/?id.201960

Source: cna@vuldb.com

Third Party Advisory

https://www.filecloud.com/supportdocs/fcdoc/2v/server/security-advisories/2022-security-advisories/advisory-2022-06-01-potential-unauthorized-data-access-when-using-network-folders-with-ntfs-permissions

Source: cna@vuldb.com

Vendor Advisory

https://www.scip.ch/?news.20220615

Source: cna@vuldb.com

Third Party Advisory

https://vuldb.com/?ctiid.201960

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://vuldb.com/?id.201960

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.filecloud.com/supportdocs/fcdoc/2v/server/security-advisories/2022-security-advisories/advisory-2022-06-01-potential-unauthorized-data-access-when-using-network-folders-with-ntfs-permissions

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.scip.ch/?news.20220615

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.