Home > Vulnerability Database > CVE-2022-4322

Mend.io Vulnerability Database

CVE-2022-4322

Good to know:

Date: December 7, 2022

A vulnerability, which was classified as critical, was found in maku-boot up to 2.2.0. This affects the function doExecute of the file AbstractScheduleJob.java of the component Scheduled Task Handler. The manipulation leads to injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 446eb7294332efca2bfd791bc37281cedac0d0ff. It is recommended to apply a patch to fix this issue. The identifier VDB-215013 was assigned to this vulnerability.

Language: Java

Severity Score

7.2

Related Resources (5)

Url: https://vuldb.com/?id.215013

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-4322

Url: https://gitee.com/makunet/maku-boot/issues/I5ZUYI

Url: https://gitee.com/makunet/maku-boot/commit/446eb7294332efca2bfd791bc37281cedac0d0ff

Url: https://www.mend.io/vulnerability-database/CVE-2022-4322

Severity Score

7.2

Weakness Type (CWE)

Improper Enforcement of Message or Data Structure

CWE-707

Injection

CWE-74

SQL Injection

CWE-89

Top Fix

Upgrade Version

Upgrade to version v2.3.0

Learn More

CVSS v3.1

Base Score:	7.2
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	HIGH
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2022-4322

Good to know:

Date: December 7, 2022

Language: Java

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?