How severe is CVE-2022-45118?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2022-45118?

This is classified as CWE-287, which is a common weakness in software security.

CVE-2022-45118

MEDIUM Year: 2022

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-287

View all →

Vulnerability Description

OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. Malicious apps could listen to public events and obtain information such as mobile numbers and SMS data without permissions.

CVE-2010-2496

MEDIUM

CVSS:5.5(Medium)

stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possible for local attackers to gain access to passwords of the HA stack and potentially influence its op...

CWE-2872010

CVE-2014-8180

MEDIUM

CVSS:5.5(Medium)

MongoDB on Red Hat Satellite 6 allows local users to bypass authentication by logging in with an empty password and delete information which can cause a Denial of Service.

CWE-2872014

CVE-2016-5410

MEDIUM

CVSS:5.5(Medium)

firewalld.py in firewalld before 0.4.3.3 allows local users to bypass authentication and modify firewall configurations via the (1) addPassthrough, (2) removePassthrough, (3) addEntry, (4) removeEntry...

CWE-2872016

CVE-2018-1106

MEDIUM

CVSS:5.5(Medium)

An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to i...

CWE-2872018