PT-2023-15103 · Vocera · Vocera Voice Server (and 2 further products, listed under Affected Products)

Published

2023-07-25

·

Updated

2024-10-30

·

CVE-2022-46902

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions

Vocera Report Server and Voice Server versions 5.x through 5.8
Description

A path traversal during an unzip operation. The Vocera Report Console exposes a WebSocket function that restores the database from a ZIP archive, which is expected to contain a SQL import file. While extracting the archive, the code takes each entry's file path from the ZIP and writes it under a Vocera temporary directory. The code does not check whether those paths contain directory-traversal sequences (such as ../) that escape the intended destination, so an attacker-supplied archive can place files outside the temporary directory, anywhere the server process is allowed to write.
Recommendations

For versions 5.x through 5.8, consider disabling the WebSocket function that restores the database from a ZIP archive until a patch is available. Restrict access to the temporary directory where the archive contents are written to limit what a successful exploit can reach. Until the issue is resolved, do not feed untrusted ZIP archives to the affected endpoint, and validate any archive before it is restored: reject every entry whose resolved path does not stay inside the temporary directory. At the moment there is no information about a newer version that contains a fix for this vulnerability.
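The pattern the description names (joining an archive entry's name onto a destination directory and writing it without a check) and the check the recommendations call for, shown side by side. This is an added illustration written for this page, not Vocera's code; the archive, the restore.sql entry name and the vocera/tmp directory are constructed here for the demonstration, and the Vocera product is written in whatever language Vocera uses, not necessarily Python. The hardened extractor validates every entry before writing any of them, so a bad archive produces no partial restore.

```python
import io
import os
import tempfile
import zipfile


def build_malicious_zip() -> bytes:
    """Constructed sample (not a real Vocera restore archive): one legitimate
    SQL import file plus one entry whose name carries a traversal payload."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("restore.sql", "-- legitimate import\nSELECT 1;\n")
        zf.writestr("../../outside.txt", "this landed outside the temp dir\n")
    return buf.getvalue()


def unzip_naive(data: bytes, dest: str) -> list[str]:
    """The vulnerable pattern from the advisory: the entry name taken from the
    archive is joined onto the destination directory and written as-is."""
    written = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            target = os.path.join(dest, info.filename)  # no traversal check
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(zf.read(info))
            written.append(os.path.realpath(target))
    return written


def safe_join(dest: str, name: str) -> str:
    """Resolve an archive entry name under dest and refuse anything that would
    land outside it. Raises ValueError on a bad entry (fail closed)."""
    if not name or "\x00" in name:
        raise ValueError(f"empty or NUL-containing entry name: {name!r}")
    # ZIP entry names use "/" only (APPNOTE 4.4.17); a backslash is either a
    # Windows-flavoured traversal attempt or a broken writer. Reject both.
    if "\\" in name or os.path.isabs(name) or os.path.splitdrive(name)[0]:
        raise ValueError(f"absolute or malformed entry name: {name!r}")
    dest_real = os.path.realpath(dest)
    target = os.path.realpath(os.path.join(dest_real, name))
    # commonpath, not startswith: "/x/tmp" must not accept "/x/tmp2/file".
    if target == dest_real or os.path.commonpath([dest_real, target]) != dest_real:
        raise ValueError(f"entry escapes destination directory: {name!r}")
    return target


def is_safe_entry(dest: str, name: str) -> bool:
    """True if the entry name would be extracted strictly inside dest."""
    try:
        safe_join(dest, name)
        return True
    except ValueError:
        return False


def unzip_safe(data: bytes, dest: str) -> list[str]:
    """Hardened extraction: every entry is validated before any byte is
    written, so a rejected archive leaves nothing behind."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        members = [i for i in zf.infolist() if not i.is_dir()]
        targets = [safe_join(dest, i.filename) for i in members]  # raises early
        written = []
        for info, target in zip(members, targets):
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as fh:
                fh.write(zf.read(info))
            written.append(target)
    return written


def run_demo() -> dict:
    """Extract the constructed archive both ways into a throwaway directory
    (a stand-in for the Vocera temporary directory) and report what happened."""
    data = build_malicious_zip()
    root = os.path.realpath(tempfile.mkdtemp(prefix="vocera-demo-"))
    tmp = os.path.join(root, "vocera", "tmp")
    os.makedirs(tmp)

    naive = unzip_naive(data, tmp)
    escaped = [p for p in naive if os.path.commonpath([tmp, p]) != tmp]

    try:
        safe = unzip_safe(data, tmp)
        rejected = None
    except ValueError as exc:
        safe, rejected = [], str(exc)

    return {
        "naive_written": naive,
        "naive_escaped": escaped,          # files that left the temp dir
        "naive_wrote_outside": bool(escaped),
        "safe_rejected": rejected is not None,
        "safe_reason": rejected,
        "safe_written": safe,
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

Two details matter in safe_join: comparing resolved paths with os.path.commonpath rather than a string prefix, so a sibling directory such as tmp2 is not accepted, and resolving with realpath so symlinks inside the destination cannot redirect the write. Validating the whole entry list before the first write is what turns a crafted archive into a clean refusal instead of a half-written restore.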

Weakness Enumeration

Path traversal

Related Identifiers

CVE-2022-46902

Affected Products

Vocera Report Console
Vocera Report Server
Vocera Voice Server