CVE-2022-26691 : A logic issue was addressed with improved state management. This issue is fixed

Products affected by CVE-2022-26691

Debian » Debian Linux » Version: 9.0
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 11.0
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Matching versions
Apple » Mac Os X
Versions from including (>=) 10.15 and before (<) 10.15.7
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.15.7
cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.15.7 Update Security Update 2020-001
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.15.7 Update Supplemental Update
cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.15.7 Update Security Update 2020
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.15.7 Update Security Update 2020-005
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.15.7 Update Security Update 2020-007
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.15.7 Update Security Update 2021-001
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.15.7 Update Security Update 2021-002
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.15.7 Update Security Update 2021-003
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.15.7 Update Security Update 2021-006
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.15.7 Update Security Update 2021-007
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.15.7 Update Security Update 2021-008
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.15.7 Update Security Update 2022-001
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*
Matching versions
Apple » Mac Os X » Version: 10.15.7 Update Security Update 2022-002
cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*
Matching versions
Apple » Cups
Versions before (<) 499.4
cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*
Matching versions
Apple » Macos
Versions from including (>=) 11.0 and before (<) 11.6.5
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Matching versions
Apple » Macos
Versions after (>) 12.0.0 and before (<) 12.3
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 35
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 36
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
Matching versions
Openprinting » Cups
Versions before (<) 2.4.2
cpe:2.3:a:openprinting:cups:*:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2022-26691

Top countries where our scanners detected CVE-2022-26691

Top open port discovered on systems with this issue 631

IPs affected by CVE-2022-26691 201,629

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2022-26691!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2022-26691

EPSS FAQ

0.01%

Probability of exploitation activity in the next 30 days EPSS Score History

~ %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-26691

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
6.7	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	0.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2022-26691

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2022-26691