CVE-2022-27188 Command injection vulnerability exists to access the affected computer.

An attacker can exploit this vulnerability by directly accessing the affected product through a network or by uploading a modified version of the product to the Internet. Successful exploitation of this vulnerability may allow an attacker to execute an arbitrary OS command on the affected product. CVSS Severity Rating: CVSS3 Base Score: 7.5/10 Impact Subscore: 5/10 Exploitability Subscore: 8/10 Vulnerability Scoring Details via CVE-2019-1246 There are currently no known exploits for this vulnerability, we recommend application of a patch as soon as possible. last updated on 2019-04-12 11:55:00 Details CVSS Vulnerable Software Versions Software : CVSS Version CVSS Score Type & Class CVSS 3.0 Confidentiality Impact Subscore Penetration Impact Confidentiality Resistance CVE-2019-1246 5.0 Confidentialities Impact: 5/10 Confidentiality Impact: 5/10 Exploitability Subscore: 8/10 Exploitability Impact: 10/10 CVSS 2.0 Fox Vuln - CVE-2019-1246 OpenCV is a popular open-source computer vision library. Fox is a fast, flexible, and extensible engine for processing images and video. A buffer overflow bug has been found in the Fox version used by CVSS 2.0 Fox. Fox versions before 10.0 are vulnerable. Fox versions 10.0 to 10.12 are vulnerable. Fox versions 10.13 to 10.

CVE-2019-1247

An attacker can exploit this vulnerability by directly accessing the affected product through a network or by uploading a modified version of the product to the Internet. Successful exploitation of this vulnerability may allow an attacker to execute an arbitrary OS command on the affected product. CVSS Severity Rating: CVSS3 Base Score: 7.5/10 Impact Subscore: 5/10 Exploitability Subscore: 8/10 Vulnerability Scoring Details via CVE-2019-1247 There are currently no known exploits for this vulnerability, we recommend application of a patch as soon as possible. last updated on 2019-04-12 11:55:00 Details CVSS Vulnerable Software Versions Software : CVSS Version CVSS Score Type & Class CVSS 3.0 Confidentiality Impact Subscore Penetration Impact Confidentiality Resistance CVE-2019-1247 5.0 Confidentialities Impact: 5/10 Confidentiality Impact: 5/10 Exploitability Subscore: 8/10 Exploitability Impact: 10/10 CVSS 2.0 Fox Vuln - CVE-2019-1247 OpenCV is a popular open-source computer vision library. Fox is a fast, flexible, and extensible engine for processing images and video. A buffer overflow bug has been found in the Fox version used by CVSS 2.0 Fox. Fox versions before 10.0 are vulnerable. Fox versions 10.0 to 10.12 are vulnerable. Fox versions 10.13 to 10

CVSSOverview

The CVSS Score is a 3-level severity grading system. The score can range from 0-10 with 10 being the most severe.
The CVSS Base Score is the base score, and it uses the following metrics:
CVSS Base Score Metric Low (0)       Medium (1) High (3) Impact Subscore: 5 Exploitability Subscore: 8 Vulnerability Scoring Details via CVE-2019-1246 There are currently no known exploits for this vulnerability, we recommend application of a patch as soon as possible. last updated on 2019-04-12 11:55:00

CVSS Overview

The CVSS v3 score assigned to this vulnerability is 7.5/10 which is a Medium risk rating. A Base Score of 7.5/10 indicates that this vulnerability has a relatively high severity level and could be exploited to execute arbitrary OS commands on the affected product. Impact Subscore of 5/10 indicates that this vulnerability has limited impact due to the difficulty in exploiting it. This vulnerability was last updated on 2019-04-12 11:55:00 and is actively monitored by our security team and will be updated if found to be exploitable.

Timeline

Published on: 04/15/2022 02:15:00 UTC
Last modified on: 04/22/2022 12:44:00 UTC

References