CVE-2022-35259

High

XML Injection with Endpoint Manager 2022. 3 and below causing a download of a malicious file to run and possibly execute to gain…

hackerone·CWE-91·Published 2022-12-05

CVSS

7.8

EPSS

0.01

KEV

Exploits

cve.orgen

153 chars

XML Injection with Endpoint Manager 2022. 3 and below causing a download of a malicious file to run and possibly execute to gain unauthorized privileges.

NVDen

153 chars

XML Injection with Endpoint Manager 2022. 3 and below causing a download of a malicious file to run and possibly execute to gain unauthorized privileges.

La inyección XML con Endpoint Manager 2022. 3 y versiones anteriores provoca que se ejecute la descarga de un archivo malicioso y posiblemente se ejecute para obtener privilegios no autorizados.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.8	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.1	Primary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	7.8	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H