{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-28T20:39:30.668","vulnerabilities":[{"cve":{"id":"CVE-2022-2145","sourceIdentifier":"cna@cloudflare.com","published":"2022-06-28T18:15:08.247","lastModified":"2024-11-21T07:00:25.333","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cloudflare WARP client for Windows (up to v. 2022.5.309.0) allowed creation of mount points from its ProgramData folder. During installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files."},{"lang":"es","value":"El cliente WARP de Cloudflare para Windows (versiones hasta 2022.5.309.0) permitía la creación de puntos de montaje desde su carpeta ProgramData. Durante la instalación del cliente WARP, era posible escalar privilegios y sobrescribir archivos protegidos por el sistema"}],"metrics":{"cvssMetricV31":[{"source":"cna@cloudflare.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.3,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@cloudflare.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-59"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cloudflare:warp:*:*:*:*:*:windows:*:*","versionEndExcluding":"2022.5.309.0","matchCriteriaId":"AD83E70B-AD72-4303-88E0-832998C55026"}]}]}],"references":[{"url":"https://github.com/cloudflare/advisories/security/advisories/GHSA-6fpc-qxmr-6wrq","source":"cna@cloudflare.com","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/cloudflare/advisories/security/advisories/GHSA-6fpc-qxmr-6wrq","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]}]}}]}