Home > Vulnerability Database > CVE-2022-4322

Mend.io Vulnerability Database

CVE-2022-4322

Date: December 6, 2022

A vulnerability, which was classified as critical, was found in maku-boot up to 2.2.0. This affects the function doExecute of the file AbstractScheduleJob.java of the component Scheduled Task Handler. The manipulation leads to injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 446eb7294332efca2bfd791bc37281cedac0d0ff. It is recommended to apply a patch to fix this issue. The identifier VDB-215013 was assigned to this vulnerability.

Language: Java

Severity Score

6.3

Related Resources (5)

Url: https://vuldb.com/?id.215013

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-4322

Url: https://gitee.com/makunet/maku-boot/issues/I5ZUYI

Url: https://gitee.com/makunet/maku-boot/commit/446eb7294332efca2bfd791bc37281cedac0d0ff

Url: https://www.mend.io/vulnerability-database/CVE-2022-4322

Severity Score

6.3

Weakness Type (CWE)

Improper Neutralization

CWE-707

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-74

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CWE-89

CVSS v3.1

Base Score:	6.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2022-4322

Date: December 6, 2022

Language: Java

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?