Zercurity data services
  • Expand groupSummary
  • Applications (0)
  • Packages (0)
  • System updates (0)
  • Operating systems (0)

CVE-2022-40977

Description
A path traversal vulnerability was discovered in Pilz PASvisu Server before 1.12.0. An unauthenticated remote attacker could use a zipped, malicious configuration file to trigger arbitrary file writes ('zip-slip'). File writes do not affect confidentiality or availability.
  • Risk: 8
CVSSv3
    CVSSv2

      Raw Object

      {
  "uuid": "10407357-060b-2815-4c5a-470b6c765652",
  "name": "CVE-2022-40977",
  "description": "A path traversal vulnerability was discovered in Pilz PASvisu Server before 1.12.0. An unauthenticated remote attacker could use a zipped, malicious configuration file to trigger arbitrary file writes ('zip-slip'). File writes do not affect confidentiality or availability.",
  "cvss": null,
  "score": 0,
  "severity": "NONE",
  "cvss3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
  "score3": 7.5,
  "severity3": "HIGH",
  "applications": [],
  "packages": [],
  "updates": [],
  "os": [],
  "risk": 8,
  "created_at": "2022-11-24T10:15:00+00:00",
  "updated_at": "2022-12-01T14:15:00+00:00",
  "deleted_at": null
}