Sign-up

ID

VAR-202207-1405


CVE

CVE-2022-23745


TITLE

of Check Point Software Technologies  Android  for  capsule workspace  Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-013454

DESCRIPTION

A potential memory corruption issue was found in Capsule Workspace Android app (running on GrapheneOS). This could result in application crashing but could not be used to gather any sensitive information. of Check Point Software Technologies Android for capsule workspace Exists in an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-23745 // JVNDB: JVNDB-2022-013454 // VULHUB: VHN-412921

AFFECTED PRODUCTS

vendor:checkpointmodel:capsule workspacescope:gteversion:8.0

Trust: 1.0

vendor:checkpointmodel:capsule workspacescope:ltversion:8.2.2

Trust: 1.0

vendor:チェック ポイント ソフトウェア テクノロジーズmodel:capsule workspacescope:eqversion:8.0 that's all 8.2.2

Trust: 0.8

vendor:チェック ポイント ソフトウェア テクノロジーズmodel:capsule workspacescope: - version: -

Trust: 0.8

vendor:チェック ポイント ソフトウェア テクノロジーズmodel:capsule workspacescope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-013454 // NVD: CVE-2022-23745

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-23745
value: HIGH

Trust: 1.0

NVD: CVE-2022-23745
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202207-1523
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-23745
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-23745
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-013454 // CNNVD: CNNVD-202207-1523 // NVD: CVE-2022-23745

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.1

problemtype:CWE-1218

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-412921 // JVNDB: JVNDB-2022-013454 // NVD: CVE-2022-23745

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202207-1523

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202207-1523

PATCH

title:Capsule Technologies Capsule Workspace Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=201386

Trust: 0.6

sources: CNNVD: CNNVD-202207-1523

EXTERNAL IDS

db:NVDid:CVE-2022-23745

Trust: 3.3

db:JVNDBid:JVNDB-2022-013454

Trust: 0.8

db:CNNVDid:CNNVD-202207-1523

Trust: 0.6

db:VULHUBid:VHN-412921

Trust: 0.1

sources: VULHUB: VHN-412921 // JVNDB: JVNDB-2022-013454 // CNNVD: CNNVD-202207-1523 // NVD: CVE-2022-23745

REFERENCES

url:https://supportcenter.us.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk179646

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-23745

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-23745/

Trust: 0.6

url:https://supportcenter.us.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk179646

Trust: 0.1

sources: VULHUB: VHN-412921 // JVNDB: JVNDB-2022-013454 // CNNVD: CNNVD-202207-1523 // NVD: CVE-2022-23745

SOURCES

db:VULHUBid:VHN-412921
db:JVNDBid:JVNDB-2022-013454
db:CNNVDid:CNNVD-202207-1523
db:NVDid:CVE-2022-23745

LAST UPDATE DATE

2024-08-14T14:49:41.850000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-412921date:2022-07-25T00:00:00
db:JVNDBid:JVNDB-2022-013454date:2023-09-07T08:27:00
db:CNNVDid:CNNVD-202207-1523date:2022-07-26T00:00:00
db:NVDid:CVE-2022-23745date:2022-07-25T17:57:44.120

SOURCES RELEASE DATE

db:VULHUBid:VHN-412921date:2022-07-18T00:00:00
db:JVNDBid:JVNDB-2022-013454date:2023-09-07T00:00:00
db:CNNVDid:CNNVD-202207-1523date:2022-07-18T00:00:00
db:NVDid:CVE-2022-23745date:2022-07-18T17:15:08.717