Vulnerability Details CVE-2022-25241
In FileCloud before 21.3, the CSV user import functionality is vulnerable to Cross-Site Request Forgery (CSRF).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 5.1
References
- http://packetstormsecurity.com/files/166074/FileCloud-21.2-Cross-Site-Request-Forgery.html
- https://herolab.usd.de/security-advisories/
- https://www.filecloud.com/supportdocs/display/cloud/Advisory+2022-01-3+Threat+of+CSRF+via+User+Creation
- http://packetstormsecurity.com/files/166074/FileCloud-21.2-Cross-Site-Request-Forgery.html
- https://herolab.usd.de/security-advisories/
- https://www.filecloud.com/supportdocs/display/cloud/Advisory+2022-01-3+Threat+of+CSRF+via+User+Creation
Products affected by CVE-2022-25241
-
cpe:2.3:a:filecloud:filecloud:1
-
cpe:2.3:a:filecloud:filecloud:1.1
-
cpe:2.3:a:filecloud:filecloud:1.10
-
cpe:2.3:a:filecloud:filecloud:1.12
-
cpe:2.3:a:filecloud:filecloud:1.14
-
cpe:2.3:a:filecloud:filecloud:1.2
-
cpe:2.3:a:filecloud:filecloud:1.3
-
cpe:2.3:a:filecloud:filecloud:1.4
-
cpe:2.3:a:filecloud:filecloud:1.5
-
cpe:2.3:a:filecloud:filecloud:1.8
-
cpe:2.3:a:filecloud:filecloud:10.0.0.29284
-
cpe:2.3:a:filecloud:filecloud:10.0.0.29437
-
cpe:2.3:a:filecloud:filecloud:10.0.0.29491
-
cpe:2.3:a:filecloud:filecloud:11.0.0.30177
-
cpe:2.3:a:filecloud:filecloud:11.0.0.30190
-
cpe:2.3:a:filecloud:filecloud:11.0.0.30194
-
cpe:2.3:a:filecloud:filecloud:11.0.0.30241
-
cpe:2.3:a:filecloud:filecloud:11.0.0.30246
-
cpe:2.3:a:filecloud:filecloud:11.0.0.30255
-
cpe:2.3:a:filecloud:filecloud:11.0.0.30406
-
cpe:2.3:a:filecloud:filecloud:12.0.0.31255
-
cpe:2.3:a:filecloud:filecloud:12.0.0.31266
-
cpe:2.3:a:filecloud:filecloud:12.0.0.31298
-
cpe:2.3:a:filecloud:filecloud:12.0.0.31317
-
cpe:2.3:a:filecloud:filecloud:12.0.0.31363
-
cpe:2.3:a:filecloud:filecloud:12.0.0.31469
-
cpe:2.3:a:filecloud:filecloud:13.0.0.32385
-
cpe:2.3:a:filecloud:filecloud:13.0.0.32388
-
cpe:2.3:a:filecloud:filecloud:13.0.0.32389
-
cpe:2.3:a:filecloud:filecloud:13.0.0.32395
-
cpe:2.3:a:filecloud:filecloud:13.0.0.32443
-
cpe:2.3:a:filecloud:filecloud:13.0.0.32841
-
cpe:2.3:a:filecloud:filecloud:14.0.0.34030
-
cpe:2.3:a:filecloud:filecloud:14.0.0.34177
-
cpe:2.3:a:filecloud:filecloud:14.0.0.34184
-
cpe:2.3:a:filecloud:filecloud:15.0.0.35621
-
cpe:2.3:a:filecloud:filecloud:15.0.0.35676
-
cpe:2.3:a:filecloud:filecloud:15.0.0.35711
-
cpe:2.3:a:filecloud:filecloud:15.0.0.35769
-
cpe:2.3:a:filecloud:filecloud:15.0.0.35803
-
cpe:2.3:a:filecloud:filecloud:15.0.0.35818
-
cpe:2.3:a:filecloud:filecloud:17.3.0.37599
-
cpe:2.3:a:filecloud:filecloud:17.3.0.37634
-
cpe:2.3:a:filecloud:filecloud:17.3.0.37658
-
cpe:2.3:a:filecloud:filecloud:18.1.0.682
-
cpe:2.3:a:filecloud:filecloud:18.2.0
-
cpe:2.3:a:filecloud:filecloud:19.1.2.3267
-
cpe:2.3:a:filecloud:filecloud:19.2.0.4950
-
cpe:2.3:a:filecloud:filecloud:19.3.0.6180
-
cpe:2.3:a:filecloud:filecloud:19.3.3.6309
-
cpe:2.3:a:filecloud:filecloud:2
-
cpe:2.3:a:filecloud:filecloud:2.1
-
cpe:2.3:a:filecloud:filecloud:2.2
-
cpe:2.3:a:filecloud:filecloud:20.1.0.3561
-
cpe:2.3:a:filecloud:filecloud:20.1.0.7994
-
cpe:2.3:a:filecloud:filecloud:20.1.1.7769
-
cpe:2.3:a:filecloud:filecloud:20.2.0.11915
-
cpe:2.3:a:filecloud:filecloud:20.2.3.12065
-
cpe:2.3:a:filecloud:filecloud:20.3
-
cpe:2.3:a:filecloud:filecloud:20.3.1.13094
-
cpe:2.3:a:filecloud:filecloud:20.3.2.13174
-
cpe:2.3:a:filecloud:filecloud:20.3.3.13230
-
cpe:2.3:a:filecloud:filecloud:21.1
-
cpe:2.3:a:filecloud:filecloud:21.1.0.15081
-
cpe:2.3:a:filecloud:filecloud:21.1.1.15106
-
cpe:2.3:a:filecloud:filecloud:21.2
-
cpe:2.3:a:filecloud:filecloud:21.2.2.17308
-
cpe:2.3:a:filecloud:filecloud:21.2.2.6683
-
cpe:2.3:a:filecloud:filecloud:21.3
-
cpe:2.3:a:filecloud:filecloud:3
-
cpe:2.3:a:filecloud:filecloud:3.1
-
cpe:2.3:a:filecloud:filecloud:4
-
cpe:2.3:a:filecloud:filecloud:4.1
-
cpe:2.3:a:filecloud:filecloud:4.5.3.25372
-
cpe:2.3:a:filecloud:filecloud:4.7.0.25818
-
cpe:2.3:a:filecloud:filecloud:5.0.0.26215
-
cpe:2.3:a:filecloud:filecloud:6.0.0.26733
-
cpe:2.3:a:filecloud:filecloud:7.0.0.27480
-
cpe:2.3:a:filecloud:filecloud:8.0.0.28301
-
cpe:2.3:a:filecloud:filecloud:9.0.0.28836