CVE-2022-2120

AST

Critical

OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to writ…

CVSS

9.8

Critical

EPSS

0.06

p90

Published

2022-01-01

Updated

2022-01-01

Description

OFFIS DCMTK's (All versions prior to 3.6.7) service class user (SCU) is vulnerable to relative path traversal, allowing an attacker to write DICOM files into arbitrary directories under controlled names. This could allow remote code execution.

Tags · CWE

Pre-auth

CWE-23

CAPEC-76

CAPEC-139

Affected products

Dcmtk < 3.6.7

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

2022-01-01

Published

2022-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: N

None (N)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: H

High (H)

Integrity Impact

I: H

High (H)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.057 · p90

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected software

Product	Vendor	Status
dcmtk		Tracked
dcmtk		Tracked
dcmtk		Tracked
dcmtk		Tracked
dcmtk		Tracked
dcmtk		Tracked
dcmtk		Tracked
dcmtk		Tracked
dcmtk		Tracked
dcmtk		Tracked
dcmtk		Tracked
dcmtk		Tracked
dcmtk		Tracked
dcmtk		Tracked
dcmtk	*	Tracked

Source databases

AST

DEB

CVE

UBU

Related vulnerabilities

BDU:2023-03841