How severe is CVE-2022-42474?

This vulnerability has a severity rating of LOW with a CVSS score of 2.7 out of 10.

What type of vulnerability is CVE-2022-42474?

This is classified as CWE-23, which is a common weakness in software security.

CVE-2022-42474

LOW Year: 2022

CVSS v3 Score

2.7

Low

Weakness Type

CWE-23

View all →

Vulnerability Description

A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.

CVE-2022-2106

LOW

CVSS:2.7(Low)

Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files.

CWE-232022

CVE-2024-35274

LOW

CVSS:2.3(Low)

An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiAnalyzer versions below 7.4.2, Fortinet FortiManager versions below 7.4.2 and ...

CWE-232024

CVE-2022-4123

LOW

CVSS:3.3(Low)

A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality.

CWE-232022

CVE-2023-34117

LOW

CVSS:3.3(Low)

Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access.

CWE-232023

CVE-2023-35816

LOW

CVSS:3.5(Low)

DevExpress before 23.1.3 allows arbitrary TypeConverter conversion.

CWE-232023

CVE-2024-4330

MEDIUM

CVSS:4.0(Medium)

A path traversal vulnerability was identified in the parisneo/lollms-webui repository, specifically within version 9.6. The vulnerability arises due to improper handling of user-supplied input in the ...