PT-2022-22375 · Unknown · Clusterpro X+3

Published: 2022-11-08 · Updated: 2025-05-02

CVE-2022-34823

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

CLUSTERPRO X versions 5.0 and earlier
EXPRESSCLUSTER X versions 5.0 and earlier
CLUSTERPRO X SingleServerSafe versions 5.0 and earlier
EXPRESSCLUSTER X SingleServerSafe versions 5.0 and earlier

Description

A buffer overflow vulnerability allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code.

Recommendations

For CLUSTERPRO X versions 5.0 and earlier, update to a version that fixes the buffer overflow vulnerability.
For EXPRESSCLUSTER X versions 5.0 and earlier, update to a version that fixes the buffer overflow vulnerability.
For CLUSTERPRO X SingleServerSafe versions 5.0 and earlier, update to a version that fixes the buffer overflow vulnerability.
For EXPRESSCLUSTER X SingleServerSafe versions 5.0 and earlier, update to a version that fixes the buffer overflow vulnerability.

As a temporary workaround, consider restricting access to the file system to minimize the risk of exploitation.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2022-34823

Affected Products

Clusterpro X
Clusterpro X Singleserversafe
Expresscluster X
Expresscluster X Singleserversafe