VDB
CVE-2022-48257
CVE-2022-48257
PUBLISHED
CVSS 5.300000190734863 MEDIUM
In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp.
EPSS 0.20% · 41.5th percentile
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.20%
41.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| eternal_terminal_project | eternal_terminal | 6.2.1 |
| n/a | n/a | n/a |
| eternal_terminal_project | eternal_terminal | 6.2.1 |
| fedoraproject | fedora | 38, 39, 40 |
Exploit Intelligence
- https://github.com/MisterTea/EternalTerminal/pull/556 (nist-nvd)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2RY6PKBU73I45L6YWNYCUK2XBEXEFX7L/ (circl)
- https://github.com/MisterTea/EternalTerminal/issues/555 (circl)
- [oss-security] 20230216 EternalTerminal: Review report and findings (predictable /tmp file paths and file permission issues, 3 CVEs) (circl)
- FEDORA-2024-94a155818c (circl)
- FEDORA-2024-bd9e67c117 (circl)
- FEDORA-2024-b745c97f4b (circl)
Timeline
- Jan 13, 2023 CVE Published
- Jan 13, 2023 EPSS Score
- Feb 23, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 4, 2023 EPSS Score
- May 15, 2023 EPSS Score
- Jun 25, 2023 EPSS Score
- Aug 4, 2023 EPSS Score
- Sep 14, 2023 EPSS Score
- Oct 25, 2023 EPSS Score
- Dec 4, 2023 EPSS Score
- Jan 14, 2024 EPSS Score
References
- https://github.com/MisterTea/EternalTerminal/issues/555 url
- https://github.com/MisterTea/EternalTerminal/pull/556 url
- [oss-security] 20230216 EternalTerminal: Review report and findings (predictable /tmp file paths and file permission issues, 3 CVEs) mailing-list
- FEDORA-2024-94a155818c vendor-advisory
- FEDORA-2024-bd9e67c117 vendor-advisory
- FEDORA-2024-b745c97f4b vendor-advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2RY6PKBU73I45L6YWNYCUK2XBEXEFX7L/ url
- https://nvd.nist.gov/vuln/detail/CVE-2022-48257 advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2RY6PKBU73I45L6YWNYCUK2XBEXEFX7L url
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYODHZECXYFC2BNODZPZXZAXOKGMCYAP url
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6MO4FSKYNSAJVUXYP7LRY7ARUIGKBFL url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2RY6PKBU73I45L6YWNYCUK2XBEXEFX7L url