Vulnerability Description
A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Codehaus-Plexus | Plexus-Utils | < 3.0.24 |
| Redhat | Integration Camel K | < 1.10.1 |
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2023:2135 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2023:3906 (Third Party Advisory)
- https://access.redhat.com/security/cve/CVE-2022-4244 (Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=2149841 (Issue Tracking, Third Party Advisory)
FAQ
What is CVE-2022-4244?
CVE-2022-4244 is a vulnerability with a CVSS score of 7.5 (HIGH). A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "...
How severe is CVE-2022-4244?
CVE-2022-4244 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2022-4244?
Check the references section above for vendor advisories and patch information. Affected products include: Codehaus-Plexus Plexus-Utils, Redhat Integration Camel K.