Skip to main content

Trudesk CVE-2022-1947

MEDIUM
Use of Incorrect Operator (CWE-480)
2022-05-31 security@huntr.dev
6.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
May 31, 2022 - 23:15 nvd
MEDIUM 6.5

DescriptionNVD

Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3.

AnalysisAI

Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Technical ContextAI

This vulnerability is classified under CWE-480. Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3. Affected products include: Trudesk Project Trudesk. Version information: prior to 1.2.3..

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2022-2128 CRITICAL POC
9.8 Jun 20

Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4. Rated critical seve

CVE-2022-2023 CRITICAL POC
9.8 Jun 20

Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4. Rated critical severity (CVSS 9.8)

CVE-2022-1775 CRITICAL POC
9.8 May 20

Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2. Rated critical severity (CVSS 9.8), this

CVE-2022-1808 HIGH POC
8.8 May 31

Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3. Rated high severity (CVSS 8.8

CVE-2022-1770 HIGH POC
8.8 May 20

Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2. Rated high severity (CVSS 8.8), this

CVE-2022-1931 HIGH POC
8.1 May 31

Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3. Rated high severity (CVSS 8.1), this vuln

CVE-2022-1752 HIGH POC
8.0 May 21

Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2. Rated high severity

CVE-2022-1718 HIGH POC
7.5 Sep 29

The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can a

CVE-2022-1803 MEDIUM POC
6.9 May 20

Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2. Rated medium s

CVE-2022-1754 MEDIUM POC
6.5 May 20

Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. Rated medium severity (CVSS 6.5), th

CVE-2022-1728 MEDIUM POC
6.5 May 16

Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2

CVE-2022-1044 MEDIUM POC
6.5 May 12

Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1. R

Share

CVE-2022-1947 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy