7.5

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2022-37866

GHSA ID

GHSA-wv7w-rj2x-556x

EPSS Score

0.69517%

CWE

CWE-22

Published

11/7/2022

Updated

7/5/2023

KEV Status

Technology

Java

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-37866

CVE-2022-37866: Apache Ivy vulnerable to path traversal

When Apache Ivy downloads artifacts from a repository it stores them in the local file system based on a user-supplied "pattern" that may include placeholders for artifacts coordinates like the organisation, module or version. If said coordinates contain "../" sequences - which are valid characters for Ivy coordinates in general - it is possible the artifacts are stored outside of Ivy's local cache or repository or can overwrite different artifacts inside of the local cache. In order to exploit this vulnerability an attacker needs collaboration by the remote repository as Ivy will issue http requests containing ".." sequences and a "normal" repository will not interpret them as part of the artifact coordinates. Users of Apache Ivy versions 2.0.0 to 2.5.1 should upgrade to Ivy 2.5.1.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2022-37866

CVE-2022-37866:

7.5

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2022-37866

GHSA ID

GHSA-wv7w-rj2x-556x

EPSS Score

0.69517%

CWE

CWE-22

Published

11/7/2022

Updated

7/5/2023

KEV Status

Technology

Java

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.ivy:ivy	maven	>= 2.0.0, < 2.5.1	2.5.1

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper path sanitization when resolving artifact storage locations. The primary vulnerable function is DefaultRepositoryCacheManager.getArchivePathInCache which handles pattern substitution with user-controlled coordinates. FileUtil.resolveFile is a secondary candidate as it's commonly involved in path resolution operations. These functions would appear in stack traces when processing malicious coordinates containing path traversal sequences. The high confidence for DefaultRepositoryCacheManager comes from its direct role in cache path construction, while FileUtil.resolveFile gets medium confidence as a supporting utility.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

7.5

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2022-37866: Apache Ivy vulnerable to path traversal

CVE-2022-37866:

7.5

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2022-37866: Apache Ivy vulnerable to path traversal

7.5

7.5

Technical Details

Basic Information

Basic Information

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI