CVE-2022-23307
highCVSS v3 Base Score
8.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
2.6%
Exploitation probability in 30 days
Top 14% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Confidentiality
High
Integrity
High
Availability
High
Vulnerability Report
Generated by CyberWatcher
Description
CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.
CWE
CWE-502Affected Products
apache chainsawapache log4jqos reload4joracle advanced supply chain planningoracle business intelligenceoracle business process management suiteoracle communications eagle ftp table base retrievaloracle communications instant messaging serveroracle communications messaging serveroracle communications network integrity