A vulnerability has been found in TEM FLEX-1085 1.6.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to injection. The CWE definition for the vulnerability is CWE-74. The weakness was published 03/13/2022. This vulnerability is known as CVE-2022-1074. The attack can be launched remotely. There are no technical details available. Furthermore, there is an exploit available. The price for an exploit might be around USD $0-$5k at the moment. MITRE ATT&CK project uses the attack technique T1055 for this issue. It is declared as proof-of-concept. We expect the 0-day to have been worth approximately $0-$5k. A possible mitigation has been published even before and not after the disclosure of the vulnerability.
Field | 03/13/2022 12:25 | 03/25/2022 08:42 |
---|---|---|
vendor | TEM | TEM |
name | FLEX-1085 | FLEX-1085 |
version | 1.6.0 | 1.6.0 |
cwe | 74 (injection) | 74 (injection) |
risk | 1 | 1 |
cvss3 | N | N |
cvss3 | L | L |
cvss3 | N | N |
cvss3 | R | R |
cvss3 | U | U |
cvss3 | N | N |
cvss3 | L | L |
cvss3 | N | N |
cvss3 | P | P |
cvss3 | R | R |
availability | 1 | 1 |
date | 1647126000 (03/13/2022) | 1647126000 (03/13/2022) |
cvss2 | N | N |
cvss2 | L | L |
cvss2 | N | N |
cvss2 | N | N |
cvss2 | P | P |
cvss2 | N | N |
cvss2 | POC | POC |
cvss2 | UR | UR |
cvss2 | ND | ND |
cvss3 | X | X |
cvss2 | 5.0 | 5.0 |
cvss2 | 4.3 | 4.3 |
cvss3 | 4.3 | 4.3 |
cvss3 | 3.9 | 3.9 |
cvss3 | 4.3 | 4.3 |
cvss3 | 3.9 | 3.9 |
price | $0-$5k | $0-$5k |
cve | CVE-2022-1074 | |
cve | VulDB | |
responsible | VulDB |