CVE-2022-1518

Summary

LRM contains a directory traversal vulnerability that can allow a malicious actor to upload outside the intended directory structure.

Affected Software

VendorProductVersion RangeStatus
IlluminaNextSeq 550DxLRM Versions 1.3 to 3.1affected
IlluminaMiSeq DxLRM Versions 1.3 to 3.1affected
IlluminaNextSeq 500 InstrumentLRM Versions 1.3 to 3.1affected
IlluminaNextSeq 550 InstrumentLRM Versions 1.3 to 3.1affected
IlluminaMiSeq InstrumentLRM Versions 1.3 to 3.1affected
IlluminaiSeq 100 InstrumentLRM Versions 1.3 to 3.1affected
IlluminaMiniSeq InstrumentLRM Versions 1.3 to 3.1affected

Weaknesses

  • CWE-22: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References