Directory Traversal Vulnerability in dotCMS Core by dotCMS
CVE-2022-45783

6.5MEDIUM

Key Information:

Vendor: Dotcms
Status: Dotcms
Vendor: CVE Published:; 1 February 2023

What is CVE-2022-45783?

An authenticated directory traversal vulnerability has been identified in the dotCMS core API, affecting versions 4.x through 22.10.2. This vulnerability could allow unauthorized users to access restricted file directories and execute remote code, posing a significant security risk to the affected installations. Users are advised to review their configurations and apply the necessary security updates to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.dotcms.com/security/SI-67

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 1, 2023
Vulnerability Reserved
Nov 22, 2022

JSON

Dotcms

What is CVE-2022-45783?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.