CVE-2022-42130 in Liferayinfo

Zusammenfassung

von MITRE • 15.11.2022

The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.4.3.4, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 19, 7.3 before update 4, and 7.4 GA does not properly check permission of form entries, which allows remote authenticated users to view and access all form entries.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

03.10.2022

Veröffentlichung

15.11.2022

Moderieren

akzeptiert

Eintrag

VDB-213639

CPE

bereit

CWE

CWE-275 (bestätigt)

CVSS

4.3 (NVD)

EPSS

0.00730

KEV

nein

Aktivitäten

very low

Sektor

Police, Hospital, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2022-42130
NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-42130
CVE Details	https://www.cvedetails.com/cve/CVE-2022-42130/

◂ Zurück Übersicht Weiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!