CVE-2022-1415 — Vulnetix

Try Vulnetix Request Demo

CVE-2022-1415 PUBLISHED CVSS 8.100000381469727 HIGH

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

EPSS 0.82% · 74.3th percentile

Risk Scores

CVSS v3.1

8.100000381469727

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

EPSS Score

0.82%

74.3th percentile

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat build of Quarkus
Maven	org.drools:drools-core	0, 0, 0
Red Hat	Red Hat JBoss Data Grid 7
Red Hat	Red Hat JBoss Data Virtualization 6
Red Hat	Red Hat Process Automation 7
Red Hat	Red Hat JBoss Enterprise Application Platform 6
Red Hat	Red Hat JBoss Fuse Service Works 6
Red Hat	Red Hat build of Apache Camel for Spring Boot
Red Hat	Red Hat Decision Manager 7
Red Hat	Red Hat JBoss Enterprise Application Platform Expansion Pack
Red Hat	Red Hat JBoss Enterprise Application Platform 7
Red Hat	RHPAM 7.13.1 async
Red Hat	Red Hat JBoss Fuse 6
Maven	org.drools:drools
Red Hat	Red Hat JBoss Fuse 7
Red Hat	Red Hat Integration Camel K
Red Hat	Red Hat Integration Camel Quarkus

Timeline

Sep 11, 2023 CVE Published
Sep 12, 2023 CVE Updated
Sep 12, 2023 EPSS Score
Oct 14, 2023 EPSS Score
Nov 15, 2023 EPSS Score
Dec 17, 2023 EPSS Score
Feb 18, 2024 EPSS Score
Mar 21, 2024 EPSS Score
Apr 22, 2024 EPSS Score
May 24, 2024 EPSS Score
Jun 25, 2024 EPSS Score
Jul 27, 2024 EPSS Score

References

https://access.redhat.com/security/cve/CVE-2022-1415 vdb
RHSA-2022:6813 vendor-advisory
RHBZ#2065505 issue
https://nvd.nist.gov/vuln/detail/CVE-2022-1415 advisory
https://github.com/advisories/GHSA-m5q8-58wh-xxq4 advisory

Open in Interactive Console →