Search

Find a vulnerability

Search criteria

    4 vulnerabilities by le-yan_dental_management_system_project

    CVE-2022-22056 (GCVE-0-2022-22056)

    Vulnerability from nvd – Published: 2022-01-14 04:50 – Updated: 2024-09-16 17:58
    VLAI
    Title
    Le-yan Co., Ltd. dental management system - Hard-coded Credentials
    Summary
    The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege and control the system or disrupt service.
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    References
    Impacted products
    Date Public
    2022-01-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:00:55.232Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/tw/cp-132-5510-45d71-1.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Dental Management System",
              "vendor": "Le-yan Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.8.5"
                }
              ]
            }
          ],
          "datePublic": "2022-01-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator\u2019s privilege and control the system or disrupt service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-14T04:50:42.000Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.twcert.org.tw/tw/cp-132-5510-45d71-1.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Contact tech support from Le-yan Co., Ltd."
            }
          ],
          "source": {
            "advisory": "TVN-202201004",
            "discovery": "EXTERNAL"
          },
          "title": "Le-yan Co., Ltd. dental management system - Hard-coded Credentials",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "TWCERT/CC",
              "ASSIGNER": "cve@cert.org.tw",
              "DATE_PUBLIC": "2022-01-14T04:36:00.000Z",
              "ID": "CVE-2022-22056",
              "STATE": "PUBLIC",
              "TITLE": "Le-yan Co., Ltd. dental management system - Hard-coded Credentials"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Dental Management System",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "2.8.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Le-yan Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator\u2019s privilege and control the system or disrupt service."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-798 Use of Hard-coded Credentials"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.twcert.org.tw/tw/cp-132-5510-45d71-1.html",
                  "refsource": "MISC",
                  "url": "https://www.twcert.org.tw/tw/cp-132-5510-45d71-1.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Contact tech support from Le-yan Co., Ltd."
              }
            ],
            "source": {
              "advisory": "TVN-202201004",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2022-22056",
        "datePublished": "2022-01-14T04:50:42.783Z",
        "dateReserved": "2021-12-21T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:58:31.807Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-22055 (GCVE-0-2022-22055)

    Vulnerability from nvd – Published: 2022-01-14 04:50 – Updated: 2024-09-17 03:07
    VLAI
    Title
    Le-yan Co., Ltd. dental management system - SQL Injection
    Summary
    The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service.
    CWE
    Assigner
    References
    Impacted products
    Date Public
    2022-01-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:00:55.332Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/tw/cp-132-5509-80f05-1.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Dental Management System",
              "vendor": "Le-yan Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.8.5"
                }
              ]
            }
          ],
          "datePublic": "2022-01-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator\u2019s privilege and perform arbitrary operations on the system or disrupt service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-14T04:50:41.000Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.twcert.org.tw/tw/cp-132-5509-80f05-1.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Contact tech support from Le-yan Co., Ltd."
            }
          ],
          "source": {
            "advisory": "TVN-202201003",
            "discovery": "EXTERNAL"
          },
          "title": "Le-yan Co., Ltd. dental management system - SQL Injection",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "TWCERT/CC",
              "ASSIGNER": "cve@cert.org.tw",
              "DATE_PUBLIC": "2022-01-14T04:36:00.000Z",
              "ID": "CVE-2022-22055",
              "STATE": "PUBLIC",
              "TITLE": "Le-yan Co., Ltd. dental management system - SQL Injection"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Dental Management System",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "2.8.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Le-yan Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator\u2019s privilege and perform arbitrary operations on the system or disrupt service."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-89 SQL Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.twcert.org.tw/tw/cp-132-5509-80f05-1.html",
                  "refsource": "MISC",
                  "url": "https://www.twcert.org.tw/tw/cp-132-5509-80f05-1.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Contact tech support from Le-yan Co., Ltd."
              }
            ],
            "source": {
              "advisory": "TVN-202201003",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2022-22055",
        "datePublished": "2022-01-14T04:50:41.453Z",
        "dateReserved": "2021-12-21T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:07:31.585Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-22056 (GCVE-0-2022-22056)

    Vulnerability from cvelistv5 – Published: 2022-01-14 04:50 – Updated: 2024-09-16 17:58
    VLAI
    Title
    Le-yan Co., Ltd. dental management system - Hard-coded Credentials
    Summary
    The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege and control the system or disrupt service.
    CWE
    • CWE-798 - Use of Hard-coded Credentials
    Assigner
    References
    Impacted products
    Date Public
    2022-01-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:00:55.232Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/tw/cp-132-5510-45d71-1.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Dental Management System",
              "vendor": "Le-yan Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.8.5"
                }
              ]
            }
          ],
          "datePublic": "2022-01-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator\u2019s privilege and control the system or disrupt service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-798",
                  "description": "CWE-798 Use of Hard-coded Credentials",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-14T04:50:42.000Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.twcert.org.tw/tw/cp-132-5510-45d71-1.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Contact tech support from Le-yan Co., Ltd."
            }
          ],
          "source": {
            "advisory": "TVN-202201004",
            "discovery": "EXTERNAL"
          },
          "title": "Le-yan Co., Ltd. dental management system - Hard-coded Credentials",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "TWCERT/CC",
              "ASSIGNER": "cve@cert.org.tw",
              "DATE_PUBLIC": "2022-01-14T04:36:00.000Z",
              "ID": "CVE-2022-22056",
              "STATE": "PUBLIC",
              "TITLE": "Le-yan Co., Ltd. dental management system - Hard-coded Credentials"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Dental Management System",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "2.8.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Le-yan Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator\u2019s privilege and control the system or disrupt service."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-798 Use of Hard-coded Credentials"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.twcert.org.tw/tw/cp-132-5510-45d71-1.html",
                  "refsource": "MISC",
                  "url": "https://www.twcert.org.tw/tw/cp-132-5510-45d71-1.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Contact tech support from Le-yan Co., Ltd."
              }
            ],
            "source": {
              "advisory": "TVN-202201004",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2022-22056",
        "datePublished": "2022-01-14T04:50:42.783Z",
        "dateReserved": "2021-12-21T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:58:31.807Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-22055 (GCVE-0-2022-22055)

    Vulnerability from cvelistv5 – Published: 2022-01-14 04:50 – Updated: 2024-09-17 03:07
    VLAI
    Title
    Le-yan Co., Ltd. dental management system - SQL Injection
    Summary
    The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service.
    CWE
    Assigner
    References
    Impacted products
    Date Public
    2022-01-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:00:55.332Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/tw/cp-132-5509-80f05-1.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Dental Management System",
              "vendor": "Le-yan Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.8.5"
                }
              ]
            }
          ],
          "datePublic": "2022-01-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator\u2019s privilege and perform arbitrary operations on the system or disrupt service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-14T04:50:41.000Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.twcert.org.tw/tw/cp-132-5509-80f05-1.html"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Contact tech support from Le-yan Co., Ltd."
            }
          ],
          "source": {
            "advisory": "TVN-202201003",
            "discovery": "EXTERNAL"
          },
          "title": "Le-yan Co., Ltd. dental management system - SQL Injection",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "TWCERT/CC",
              "ASSIGNER": "cve@cert.org.tw",
              "DATE_PUBLIC": "2022-01-14T04:36:00.000Z",
              "ID": "CVE-2022-22055",
              "STATE": "PUBLIC",
              "TITLE": "Le-yan Co., Ltd. dental management system - SQL Injection"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Dental Management System",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "2.8.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Le-yan Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator\u2019s privilege and perform arbitrary operations on the system or disrupt service."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-89 SQL Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.twcert.org.tw/tw/cp-132-5509-80f05-1.html",
                  "refsource": "MISC",
                  "url": "https://www.twcert.org.tw/tw/cp-132-5509-80f05-1.html"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Contact tech support from Le-yan Co., Ltd."
              }
            ],
            "source": {
              "advisory": "TVN-202201003",
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2022-22055",
        "datePublished": "2022-01-14T04:50:41.453Z",
        "dateReserved": "2021-12-21T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:07:31.585Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }