How severe is CVE-2022-3952?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2022-3952?

This is classified as CWE-377, which is a common weakness in software security.

CVE-2022-3952 - HIGH Severity | CVSS 7.1

Vulnerability Description

A vulnerability has been found in ManyDesigns Portofino 5.3.2 and classified as problematic. Affected by this vulnerability is the function createTempDir of the file WarFileLauncher.java. The manipulation leads to creation of temporary file in directory with insecure permissions. Upgrading to version 5.3.3 is able to address this issue. The name of the patch is 94653cb357806c9cf24d8d294e6afea33f8f0775. It is recommended to upgrade the affected component. The identifier VDB-213457 was assigned to this vulnerability.

Related Vulnerabilities

CVE-2020-1991

HIGH

CVSS:7.1(High)

An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks T...

CWE-3772020

CVE-2020-25636

HIGH

CVSS:7.1(High)

A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making possible to have...

CWE-3772020

CVE-2018-1053

HIGH

CVSS:7.0(High)

In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7 and 10.x before 10.2, pg_upgrade creates file in current working directory containing the output of `pg_...

CWE-3772018

CVE-2020-2016

HIGH

CVSS:7.0(High)

A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user account. This allows an attacker who...

CWE-3772020

CVE-2020-8032

HIGH

CVSS:7.0(High)

A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4....

CWE-3772020

CVE-2021-20202

HIGH

CVSS:7.3(High)

A flaw was found in keycloak. Directories can be created prior to the Java process creating them in the temporary directory, but with wider user permissions, allowing the attacker to have access to th...

CWE-3772021