{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T16:58:48.495","vulnerabilities":[{"cve":{"id":"CVE-2022-35217","sourceIdentifier":"twcert@cert.org.tw","published":"2022-08-02T16:15:10.243","lastModified":"2024-11-21T07:10:54.750","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A local area network attacker with general user privilege can exploit this vulnerability to execute arbitrary code, manipulate system command or disrupt service."},{"lang":"es","value":"El componente de servicio web de la tarjeta NHI presenta una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria debido a una comprobación insuficiente de la longitud del encabezado del paquete de red. Un atacante de la red de área local con privilegio de usuario general puede explotar esta vulnerabilidad para ejecutar código arbitrario, manipular el comando del sistema o interrumpir el servicio"}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nhi:health_insurance_web_service_component:-:*:*:*:*:*:*:*","matchCriteriaId":"0379276F-4782-4249-82EF-A26C6EE14E8B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.twcert.org.tw/tw/cp-132-6353-31470-1.html","source":"twcert@cert.org.tw","tags":["Third Party Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-6353-31470-1.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}