Vulnerability Description
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal via the "restore SQL data" filename. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. The filename provided is not properly sanitized and allows for the inclusion of a path-traversal payload that can be used to escape the intended Vocera restoration directory. An attacker could exploit this vulnerability to point to a crafted ZIP archive that contains SQL commands that could be executed against the database.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vocera | Report Server | >= 5.0.0, <= 5.8.0.135 |
| Vocera | Voice Server | >= 5.0.0, <= 5.8.0.135 |
Related Weaknesses (CWE)
References
- https://www.stryker.com/us/en/about/governance/cyber-security/product-security/Not Applicable
- https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vThird Party Advisory
- https://www.stryker.com/us/en/about/governance/cyber-security/product-security/Not Applicable
- https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vThird Party Advisory
FAQ
What is CVE-2022-46898?
CVE-2022-46898 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal via the "restore SQL data" filename. The Vocera Report Console contains a websocket function t...
How severe is CVE-2022-46898?
CVE-2022-46898 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-46898?
Check the references section above for vendor advisories and patch information. Affected products include: Vocera Report Server, Vocera Voice Server.