Vulnerabilities > CVE-2022-40673 - Missing Authorization vulnerability in multiple products

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

NVD

Published: 2022-09-14

Updated: 2023-11-07

Summary

KDiskMark before 3.1.0 lacks authorization checking for D-Bus methods such as Helper::flushPageCache.

Part	Description	Count
Application	Kdiskmark_Project Kdiskmark Project Kdiskmark 1.4.1 Kdiskmark Project Kdiskmark 1.4.2 Kdiskmark Project Kdiskmark 1.4.3 Kdiskmark Project Kdiskmark 1.5.0 Kdiskmark Project Kdiskmark 1.5.1 Kdiskmark Project Kdiskmark 1.6.0 Kdiskmark Project Kdiskmark 1.6.1 Kdiskmark Project Kdiskmark 1.6.2 Kdiskmark Project Kdiskmark 2.0.0 Kdiskmark Project Kdiskmark 2.1.0 Kdiskmark Project Kdiskmark 2.1.1 Kdiskmark Project Kdiskmark 2.2.0 Kdiskmark Project Kdiskmark 2.2.1 Kdiskmark Project Kdiskmark 2.3.0 Kdiskmark Project Kdiskmark 3.0.0	15
OS	Fedoraproject Fedoraproject Fedora 36	1