Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-47637

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-12 Sep, 2023 | 00:00
Updated At-26 Sep, 2024 | 15:17
Rejected At-
Credits

The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory. Common use cases execute files under C:\xampp with administrative privileges.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:12 Sep, 2023 | 00:00
Updated At:26 Sep, 2024 | 15:17
Rejected At:
▼CVE Numbering Authority (CNA)

The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory. Common use cases execute files under C:\xampp with administrative privileges.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://shinnai.altervista.org/exploits/DVRT-2023-0001_CVE-2022-47637.pdf
N/A
Hyperlink: https://shinnai.altervista.org/exploits/DVRT-2023-0001_CVE-2022-47637.pdf
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://shinnai.altervista.org/exploits/DVRT-2023-0001_CVE-2022-47637.pdf
x_transferred
Hyperlink: https://shinnai.altervista.org/exploits/DVRT-2023-0001_CVE-2022-47637.pdf
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
XAMPPxampp
Product
apache_distribution
CPEs
  • cpe:2.3:a:xampp:apache_distribution:*:*:windows:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • 8.1.12
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:12 Sep, 2023 | 22:15
Updated At:15 Sep, 2023 | 13:38

The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory. Common use cases execute files under C:\xampp with administrative privileges.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Microsoft Corporation
microsoft
>>windows>>-
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Apache Friends
apachefriends
>>xampp>>Versions up to 8.1.12(inclusive)
cpe:2.3:a:apachefriends:xampp:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-281Primarynvd@nist.gov
CWE ID: CWE-281
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://shinnai.altervista.org/exploits/DVRT-2023-0001_CVE-2022-47637.pdfcve@mitre.org
Exploit
Vendor Advisory
Hyperlink: https://shinnai.altervista.org/exploits/DVRT-2023-0001_CVE-2022-47637.pdf
Source: cve@mitre.org
Resource:
Exploit
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

108Records found
CVE-2023-0975
Matching Score-6
Assigner-Trellix
ShareView Details
Matching Score-6
Assigner-Trellix
CVSS Score-8.2||HIGH
EPSS-0.04% / 9.73%
||
7 Day CHG~0.00%
Published-03 Apr, 2023 | 15:27
Updated-11 Feb, 2025 | 15:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability exists in Trellix Agent for Windows version 5.7.8 and earlier, that allows local users, during install/upgrade workflow, to replace one of the Agent’s executables before it can be executed. This allows the user to elevate their permissions.

Action-Not Available
Vendor-Microsoft CorporationMusarubra US LLC (Trellix)
Product-windowsagentTrellix Agent
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2022-4326
Matching Score-6
Assigner-Trellix
ShareView Details
Matching Score-6
Assigner-Trellix
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 1.74%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 15:48
Updated-14 Apr, 2025 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Trellix xAgent permission bypass vulnerability

Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality.

Action-Not Available
Vendor-Microsoft CorporationMusarubra US LLC (Trellix)
Product-windowsendpoint_securityxAgent
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2022-29594
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.79%
||
7 Day CHG~0.00%
Published-02 Jun, 2022 | 22:43
Updated-03 Aug, 2024 | 06:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

eG Agent before 7.2 has weak file permissions that enable escalation of privileges to SYSTEM.

Action-Not Available
Vendor-eginnovationsn/aMicrosoft Corporation
Product-eg_agentvm_agentwindowseg_managereg_rum_collectorsn/a
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2017-8468
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.29% / 52.02%
||
7 Day CHG~0.00%
Published-15 Jun, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to run processes in an elevated context when the Windows kernel improperly handles objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This CVE ID is unique from CVE-2017-8465.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_8.1windows_10windows_server_2016Microsoft Windows
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2017-8466
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.69% / 70.88%
||
7 Day CHG~0.00%
Published-15 Jun, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows improper elevation of privilege, aka "Windows Cursor Elevation of Privilege Vulnerability".

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Windows Cursor
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2017-8578
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-12.07% / 93.53%
||
7 Day CHG~0.00%
Published-11 Jul, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8577, CVE-2017-8580, CVE-2017-8581, and CVE-2017-8467.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2017-8593
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7||HIGH
EPSS-0.97% / 75.70%
||
7 Day CHG~0.00%
Published-08 Aug, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_server_2012windows_server_2016windows_8.1windows_rt_8.1windows_10Windows Kernel-Mode Drivers
CWE ID-CWE-281
Improper Preservation of Permissions
CVE-2020-9442
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.05% / 83.12%
||
7 Day CHG~0.00%
Published-28 Feb, 2020 | 13:40
Updated-04 Aug, 2024 | 10:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there.

Action-Not Available
Vendor-openvpnn/aMicrosoft Corporation
Product-windowsconnectn/a
CWE ID-CWE-281
Improper Preservation of Permissions
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found