CRITICAL · 9.8

CVE-2022-38130

Vulnerability Description

The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip() method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as its single parameter. An unauthenticated, remote attacker can supply a UNC path for the database file (e.g., \\<attacker-host>\sms\<attacker-db.zip>), so the server fetches and restores a database whose content the attacker fully controls.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: HIGH

Affected Products

Vendor: Keysight
Product: Sensor Management Server
Versions: 2.4.0

FAQ

What is CVE-2022-38130?

CVE-2022-38130 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip() method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as its single parameter, and an unauthenticated, remote attacker can supply a UNC path pointing at a database archive under the attacker's control.

How severe is CVE-2022-38130?

CVE-2022-38130 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2022-38130?

Consult the vendor's advisory for patch information. Affected product: Keysight Sensor Management Server 2.4.0.