Vulnerability Details CVE-2022-2145
Cloudflare WARP client for Windows (up to v. 2022.5.309.0) allowed creation of mount points from its ProgramData folder. During installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.2%
CVSS Severity
CVSS v3 Score 5.8
CVSS v2 Score 7.2
References
Products affected by CVE-2022-2145
-
cpe:2.3:a:cloudflare:warp:-
-
cpe:2.3:a:cloudflare:warp:1.2.2544.0
-
cpe:2.3:a:cloudflare:warp:1.2.2695.1
-
cpe:2.3:a:cloudflare:warp:1.2.2834.0
-
cpe:2.3:a:cloudflare:warp:1.2.2866.0
-
cpe:2.3:a:cloudflare:warp:1.3.184.0
-
cpe:2.3:a:cloudflare:warp:1.4.107.0
-
cpe:2.3:a:cloudflare:warp:1.4.25.0
-
cpe:2.3:a:cloudflare:warp:1.4.33.0
-
cpe:2.3:a:cloudflare:warp:1.5.147.0
-
cpe:2.3:a:cloudflare:warp:1.5.206.0
-
cpe:2.3:a:cloudflare:warp:1.5.295.0
-
cpe:2.3:a:cloudflare:warp:1.5.461.0
-
cpe:2.3:a:cloudflare:warp:1.6.28.0
-
cpe:2.3:a:cloudflare:warp:2021.11.155.0
-
cpe:2.3:a:cloudflare:warp:2021.11.276.0
-
cpe:2.3:a:cloudflare:warp:2021.12.2.0
-
cpe:2.3:a:cloudflare:warp:2022.2.247.0
-
cpe:2.3:a:cloudflare:warp:2022.2.95.0
-
cpe:2.3:a:cloudflare:warp:2022.3.186.0
-
cpe:2.3:a:cloudflare:warp:2022.3.63.0
-
cpe:2.3:a:cloudflare:warp:2022.4.115.0
-
cpe:2.3:a:cloudflare:warp:2022.5.226.0