CVE-2022-3979
CVE-2022-3979 is a medium-severity vulnerability in Nagvis with a CVSS 3.x base score of 5.6. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-704.
Key facts
- Severity: Medium (CVSS 3.x base score 5.6)
- CVSS v2: 5.1
- EPSS exploit prediction: 1% (59th percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-704
- Affected product: Nagvis
- Published:
- Last modified:
Description
A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue affects the function checkAuthCookie of the file share/server/core/classes/CoreLogonMultisite.php. The manipulation of the argument hash leads to incorrect type conversion. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 1.9.34 is able to address this issue. The identifier of the patch is 7574fd8a2903282c2e0d1feef5c4876763db21d5. It is recommended to upgrade the affected component. The identifier VDB-213557 was assigned to this vulnerability.
Frequently asked questions
- What is CVE-2022-3979?
- A vulnerability was found in NagVis up to 1.9.33 and classified as problematic. This issue affects the function checkAuthCookie of the file share/server/core/classes/CoreLogonMultisite.php. The manipulation of the argument hash leads to incorrect type conversion. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. Upgrading to version 1.9.34 is able to address this issue. The identifier of the patch is 7574fd8a2903282c2e0d1feef5c4876763db21d5. It is recommended to upgrade the affected component. The identifier VDB-213557 was assigned to this vulnerability.
- How severe is CVE-2022-3979?
- CVE-2022-3979 has a CVSS 3.x base score of 5.6, rated medium severity. It is exploitable over network with high attack complexity, requires no privileges and no user interaction. Impact on confidentiality is low, integrity low, and availability low.
- Is CVE-2022-3979 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 1% (59th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2022-3979?
- CVE-2022-3979 affects Nagvis. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2022-3979?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2022-3979 published?
- CVE-2022-3979 was published on 2022-11-13 and last updated on 2026-06-17.
References
- https://github.com/NagVis/nagvis/commit/7574fd8a2903282c2e0d1feef5c4876763db21d5
- https://github.com/NagVis/nagvis/releases/tag/nagvis-1.9.34
- https://vuldb.com/?ctiid.213557
- https://vuldb.com/?id.213557
- https://www.sonarsource.com/blog/checkmk-rce-chain-2/
- https://lists.debian.org/debian-lts-announce/2025/05/msg00000.html
Affected products (1)
- cpe:2.3:a:nagvis:nagvis:*:*:*:*:*:*:*:*
More vulnerabilities in Nagvis
- CVE-2022-46945 — Critical (CVSS 9.1): Nagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the component…
- CVE-2024-47093 — High (CVSS 8.8): Improper neutralization of input in Nagvis before version 1.9.42 which can lead to XSS
- CVE-2024-38866 — High (CVSS 7.5): Improper neutralization of input in Nagvis before version 1.9.47 which can lead to livestatus injection
- CVE-2021-33178 — Medium (CVSS 6.5): The Manage Backgrounds functionality within NagVis versions prior to 1.9.29 is vulnerable to an authenticated path…
- CVE-2024-47090 — Medium (CVSS 6.1): Improper neutralization of input in Nagvis before version 1.9.47 which can lead to XSS
- CVE-2023-46287 — Medium (CVSS 6.1): XSS exists in NagVis before 1.9.38 via the select function in share/server/core/functions/html.php.
Other CWE-704 (Incorrect Type Conversion or Cast) vulnerabilities
- CVE-2015-3120 — Critical (CVSS 10.0): Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before…
- CVE-2025-41648 — Critical (CVSS 9.8): An unauthenticated remote attacker can bypass the login to the web application of the affected devices making it…
- CVE-2025-41646 — Critical (CVSS 9.8): An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect…
- CVE-2021-33318 — Critical (CVSS 9.8): An Input Validation Vulnerability exists in Joel Christner .NET C# packages WatsonWebserver, IpMatcher 1.0.4.1 and…
- CVE-2020-25576 — Critical (CVSS 9.8): An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices…
- CVE-2020-6151 — Critical (CVSS 9.8): A memory corruption vulnerability exists in the TIFF handle_COMPRESSION_PACKBITS functionality of Accusoft ImageGear…
Browse all CWE-704 (Incorrect Type Conversion or Cast) vulnerabilities →