CVE-2022-3090 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
icscert	CNA	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 27%

Vendor	Product	Version
redlion	crimson	𝑥 < 3.0
redlion	crimson	3.0
redlion	crimson	3.0:build_477.003
redlion	crimson	3.0:build_493.003
redlion	crimson	3.0:build_493.004
redlion	crimson	3.0:build_493.005
redlion	crimson	3.0:build_502.000
redlion	crimson	3.0:build_502.001
redlion	crimson	3.0:build_502.003
redlion	crimson	3.0:build_515.002
redlion	crimson	3.0:build_515.003
redlion	crimson	3.0:build_523.003
redlion	crimson	3.0:build_530.000
redlion	crimson	3.0:build_530.001
redlion	crimson	3.0:build_530.002
redlion	crimson	3.0:build_530.003
redlion	crimson	3.0:build_548.001
redlion	crimson	3.0:build_548.005
redlion	crimson	3.0:build_573.001
redlion	crimson	3.0:build_573.002
redlion	crimson	3.0:build_579.001
redlion	crimson	3.0:build_579.003
redlion	crimson	3.0:build_582.000
redlion	crimson	3.0:build_582.001
redlion	crimson	3.0:build_582.003
redlion	crimson	3.0:build_582.004
redlion	crimson	3.0:build_599.000
redlion	crimson	3.0:build_599.001
redlion	crimson	3.0:build_603.000
redlion	crimson	3.0:build_605.002
redlion	crimson	3.0:build_615.004
redlion	crimson	3.0:build_619.002
redlion	crimson	3.0:build_619.004
redlion	crimson	3.0:build_624.000
redlion	crimson	3.0:build_624.005
redlion	crimson	3.0:build_635.000
redlion	crimson	3.0:build_635.001
redlion	crimson	3.0:build_639.000
redlion	crimson	3.0:build_640.000
redlion	crimson	3.0:build_640.001
redlion	crimson	3.0:build_640.002
redlion	crimson	3.0:build_647.002
redlion	crimson	3.0:build_657.001
redlion	crimson	3.0:build_657.003
redlion	crimson	3.0:build_662.002
redlion	crimson	3.0:build_662.006
redlion	crimson	3.0:build_675.000
redlion	crimson	3.0:build_678.002
redlion	crimson	3.0:build_683.000
redlion	crimson	3.0:build_683.001
redlion	crimson	3.0:build_683.002
redlion	crimson	3.0:build_690.001
redlion	crimson	3.0:build_690.002
redlion	crimson	3.0:build_693.000
redlion	crimson	3.0:build_694.000
redlion	crimson	3.0:build_697.001
redlion	crimson	3.0:build_697.002
redlion	crimson	3.0:build_697.003
redlion	crimson	3.0:build_700.000
redlion	crimson	3.0:build_702.002
redlion	crimson	3.0:build_702.004
redlion	crimson	3.0:build_703.001
redlion	crimson	3.0:build_705.000
redlion	crimson	3.0:build_707.000
redlion	crimson	3.1
redlion	crimson	3.1:build_3100.000
redlion	crimson	3.1:build_3100.002
redlion	crimson	3.1:build_3100.003
redlion	crimson	3.1:build_3100.008
redlion	crimson	3.1:build_3100.009
redlion	crimson	3.1:build_3100.010
redlion	crimson	3.1:build_3101.001
redlion	crimson	3.1:build_3104.000
redlion	crimson	3.1:build_3106.000
redlion	crimson	3.1:build_3106.004
redlion	crimson	3.1:build_3108.002
redlion	crimson	3.1:build_3108.004
redlion	crimson	3.1:build_3109.003
redlion	crimson	3.1:build_3109.004
redlion	crimson	3.1:build_3110.000
redlion	crimson	3.1:build_3110.002
redlion	crimson	3.1:build_3110.004
redlion	crimson	3.1:build_3111.000
redlion	crimson	3.1:build_3112.000
redlion	crimson	3.1:build_3113.000
redlion	crimson	3.1:build_3114.002
redlion	crimson	3.1:build_3115.006
redlion	crimson	3.1:build_3115.008
redlion	crimson	3.1:build_3115.009
redlion	crimson	3.1:build_3116.000
redlion	crimson	3.1:build_3119.001
redlion	crimson	3.1:build_3119.002
redlion	crimson	3.1:build_3120.000
redlion	crimson	3.1:build_3120.001
redlion	crimson	3.1:build_3121.000
redlion	crimson	3.1:build_3122.000
redlion	crimson	3.1:build_3122.001
redlion	crimson	3.1:build_3123.000
redlion	crimson	3.1:build_3123.001
redlion	crimson	3.1:build_3124.000
redlion	crimson	3.1:build_3125.003
redlion	crimson	3.1:build_3125.006
redlion	crimson	3.1:build_3125.007
redlion	crimson	3.1:build_3126.000
redlion	crimson	3.1:build_3126.001
redlion	crimson	3.2
redlion	crimson	3.2:build_3.2.0008.0
redlion	crimson	3.2:build_3.2.0014.0
redlion	crimson	3.2:build_3.2.0015.0
redlion	crimson	3.2:build_3.2.0016.0
redlion	crimson	3.2:build_3.2.0020.0
redlion	crimson	3.2:build_3.2.0021.0
redlion	crimson	3.2:build_3.2.0025.0
redlion	crimson	3.2:build_3.2.0026.0
redlion	crimson	3.2:build_3.2.0030.0
redlion	crimson	3.2:build_3.2.0031.0
redlion	crimson	3.2:build_3.2.0035.0
redlion	crimson	3.2:build_3.2.0036.0
redlion	crimson	3.2:build_3.2.0040.0
redlion	crimson	3.2:build_3.2.0041.0
redlion	crimson	3.2:build_3.2.0044.0

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-321-01