ID

VAR-202212-0203


CVE

CVE-2022-35508


TITLE

Proxmox pve-http-server Code problem vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202212-2202

DESCRIPTION

Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are vulnerable to SSRF when proxying HTTP requests between pve(pmg)proxy and pve(pmg)daemon. An attacker with an unprivileged account can craft an HTTP request to achieve SSRF and file disclosure of any files on the server. Also, in Proxmox Mail Gateway, privilege escalation to the root@pam account is possible if the backup feature has ever been used, because backup files such as pmg-backup_YYYY_MM_DD_*.tgz have 0644 permissions and contain an authkey value. This is fixed in pve-http-server 4.1-3.

Trust: 1.08

sources: NVD: CVE-2022-35508 // VULHUB: VHN-431823 // VULMON: CVE-2022-35508

AFFECTED PRODUCTS

vendor: proxmox, model: virtual environment, scope: eq, version: -

Trust: 1.0

vendor: proxmox, model: mail gateway, scope: eq, version: -

Trust: 1.0

vendor: proxmox, model: pve http server, scope: lt, version: 4.1-3

Trust: 1.0

sources: NVD: CVE-2022-35508

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-35508
value: CRITICAL

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2022-35508
value: CRITICAL

Trust: 1.0

CNNVD: CNNVD-202212-2202
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2022-35508
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 2.0

sources: CNNVD: CNNVD-202212-2202 // NVD: CVE-2022-35508 // NVD: CVE-2022-35508

PROBLEMTYPE DATA

problemtype:CWE-918

Trust: 1.1

sources: VULHUB: VHN-431823 // NVD: CVE-2022-35508

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202212-2202

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202212-2202

PATCH

title: Proxmox pve-http-server Fixes for code issue vulnerabilities
url: http://123.124.177.30/web/xxk/bdxqById.tag?id=216718

Trust: 0.6

sources: CNNVD: CNNVD-202212-2202

EXTERNAL IDS

db: NVD, id: CVE-2022-35508

Trust: 1.8

db: CNNVD, id: CNNVD-202212-2202

Trust: 0.6

db: VULHUB, id: VHN-431823

Trust: 0.1

db: VULMON, id: CVE-2022-35508

Trust: 0.1

sources: VULHUB: VHN-431823 // VULMON: CVE-2022-35508 // CNNVD: CNNVD-202212-2202 // NVD: CVE-2022-35508

REFERENCES

url:https://starlabs.sg/blog/2022/12-multiple-vulnerabilites-in-proxmox-ve--proxmox-mail-gateway/

Trust: 1.8

url:http-server.git;a=commitdiff;h=c2bd69c7b5e9c775f96021cf8ae53da3dbd9029d

Trust: 1.8

url:https://git.proxmox.com/?p=pve-http-server.git%3ba=commitdiff%3bh=580d540ea907ba15f64379c5bb69ecf1a49a875f

Trust: 1.0

url:https://git.proxmox.com/?p=pve-http-server.git%3ba=commitdiff%3bh=c2bd69c7b5e9c775f96021cf8ae53da3dbd9029d

Trust: 1.0

url:https://git.proxmox.com/?p=pve-http-server.git%3ba=commitdiff%3bh=e9df8a6e76b2a18f89295a5d92a62177bbf0f762

Trust: 1.0

url:https://git.proxmox.com/?p=pve-

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-35508/

Trust: 0.6

url:https://git.proxmox.com/?p=pve-http-server.git;a=commitdiff;h=580d540ea907ba15f64379c5bb69ecf1a49a875f

Trust: 0.2

url:https://git.proxmox.com/?p=pve-http-server.git;a=commitdiff;h=c2bd69c7b5e9c775f96021cf8ae53da3dbd9029d

Trust: 0.2

url:https://git.proxmox.com/?p=pve-http-server.git;a=commitdiff;h=e9df8a6e76b2a18f89295a5d92a62177bbf0f762

Trust: 0.2

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-431823 // VULMON: CVE-2022-35508 // CNNVD: CNNVD-202212-2202 // NVD: CVE-2022-35508

SOURCES

db: VULHUB, id: VHN-431823
db: VULMON, id: CVE-2022-35508
db: CNNVD, id: CNNVD-202212-2202
db: NVD, id: CVE-2022-35508

LAST UPDATE DATE

2025-04-25T01:42:20.527000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-431823, date: 2022-12-07T00:00:00
db: VULMON, id: CVE-2022-35508, date: 2022-12-05T00:00:00
db: CNNVD, id: CNNVD-202212-2202, date: 2022-12-08T00:00:00
db: NVD, id: CVE-2022-35508, date: 2025-04-24T16:15:20.603

SOURCES RELEASE DATE

db: VULHUB, id: VHN-431823, date: 2022-12-04T00:00:00
db: VULMON, id: CVE-2022-35508, date: 2022-12-04T00:00:00
db: CNNVD, id: CNNVD-202212-2202, date: 2022-12-04T00:00:00
db: NVD, id: CVE-2022-35508, date: 2022-12-04T19:15:09.930