CVE-2022-29799

5.5MEDIUM

Key Information:

Vendor: Microsoft
Status: Networkd-dispatcher
Vendor: CVE Published:; 21 September 2022

Summary

A vulnerability was found in networkd-dispatcher. This flaw exists because no functions are sanitized by the OperationalState or the AdministrativeState of networkd-dispatcher. This attack leads to a directory traversal to escape from the “/etc/networkd-dispatcher” base directory.

Affected Version(s)

networkd-dispatcher uknown

References

https://www.microsoft.com/security/blog/2022/04/26/micros...

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 21, 2022
Vulnerability Reserved
Apr 25, 2022

Collectors

NVD DatabaseMitre Database