CVE-2022-45921: n/a in n/a
FusionAuth before 1.41.3 allows a file outside of the application root to be viewed or retrieved using an HTTP request. To be specific, an attacker may be able to view or retrieve any file readable by the user running the FusionAuth process.
AI Analysis
Technical Summary
CVE-2022-45921 is a directory traversal vulnerability affecting versions of FusionAuth prior to 1.41.3. FusionAuth is an identity and access management platform used to handle authentication and authorization services. This vulnerability allows an unauthenticated remote attacker to craft a specially formed HTTP request that can retrieve arbitrary files outside the application root directory. Specifically, the attacker can access any file readable by the user account under which the FusionAuth process runs. This is a classic directory traversal issue (CWE-22), where insufficient input validation or sanitization enables traversal sequences (e.g., ../) to escape the intended directory boundaries. The vulnerability has a CVSS 3.1 base score of 7.5 (high severity), with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), high confidentiality impact (C:H), and no impact on integrity or availability (I:N/A:N). Exploiting this flaw can lead to unauthorized disclosure of sensitive files such as configuration files, credentials, or other sensitive data accessible to the FusionAuth process user. Although no known exploits are reported in the wild, the ease of exploitation and the potential impact on confidentiality make this a significant risk for organizations using vulnerable FusionAuth versions. The vulnerability was published on November 28, 2022, and fixed in version 1.41.3. No official patch links were provided in the source data, but upgrading to the fixed version is the primary remediation.
Potential Impact
For European organizations, the impact of this vulnerability can be substantial, especially for those relying on FusionAuth for critical identity and access management functions. Unauthorized file disclosure could expose sensitive configuration files, private keys, database credentials, or personally identifiable information (PII) of users, leading to data breaches and compliance violations under GDPR. The exposure of authentication-related files could facilitate further attacks such as privilege escalation or lateral movement within networks. Organizations in sectors with stringent data protection requirements—such as finance, healthcare, and government—face heightened risks. Additionally, the compromise of identity management systems undermines trust and can disrupt business operations. Since the vulnerability requires no authentication or user interaction and can be exploited remotely, the attack surface is broad, increasing the likelihood of exploitation if systems remain unpatched. The lack of known exploits in the wild does not reduce the urgency, as public disclosure may prompt attackers to develop exploits.
Mitigation Recommendations
1. Immediate upgrade of FusionAuth installations to version 1.41.3 or later, where the vulnerability is patched. 2. If immediate upgrade is not feasible, implement network-level controls such as web application firewalls (WAFs) with custom rules to detect and block directory traversal patterns in HTTP requests targeting FusionAuth endpoints. 3. Restrict file system permissions for the user running the FusionAuth process to the minimum necessary, ensuring it cannot read sensitive files outside the application scope. 4. Monitor FusionAuth logs for suspicious HTTP requests containing traversal sequences or unusual file access patterns. 5. Conduct regular security audits and penetration testing focused on identity management systems to detect similar vulnerabilities. 6. Employ segmentation and isolation of identity management infrastructure to limit exposure in case of compromise. 7. Educate security teams about this vulnerability to ensure rapid response and patch management. 8. Review and harden configuration files and credentials stored on the FusionAuth host to minimize sensitive data exposure.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy, Spain, Belgium
CVE-2022-45921: n/a in n/a
Description
FusionAuth before 1.41.3 allows a file outside of the application root to be viewed or retrieved using an HTTP request. To be specific, an attacker may be able to view or retrieve any file readable by the user running the FusionAuth process.
AI-Powered Analysis
Technical Analysis
CVE-2022-45921 is a directory traversal vulnerability affecting versions of FusionAuth prior to 1.41.3. FusionAuth is an identity and access management platform used to handle authentication and authorization services. This vulnerability allows an unauthenticated remote attacker to craft a specially formed HTTP request that can retrieve arbitrary files outside the application root directory. Specifically, the attacker can access any file readable by the user account under which the FusionAuth process runs. This is a classic directory traversal issue (CWE-22), where insufficient input validation or sanitization enables traversal sequences (e.g., ../) to escape the intended directory boundaries. The vulnerability has a CVSS 3.1 base score of 7.5 (high severity), with the vector indicating network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), high confidentiality impact (C:H), and no impact on integrity or availability (I:N/A:N). Exploiting this flaw can lead to unauthorized disclosure of sensitive files such as configuration files, credentials, or other sensitive data accessible to the FusionAuth process user. Although no known exploits are reported in the wild, the ease of exploitation and the potential impact on confidentiality make this a significant risk for organizations using vulnerable FusionAuth versions. The vulnerability was published on November 28, 2022, and fixed in version 1.41.3. No official patch links were provided in the source data, but upgrading to the fixed version is the primary remediation.
Potential Impact
For European organizations, the impact of this vulnerability can be substantial, especially for those relying on FusionAuth for critical identity and access management functions. Unauthorized file disclosure could expose sensitive configuration files, private keys, database credentials, or personally identifiable information (PII) of users, leading to data breaches and compliance violations under GDPR. The exposure of authentication-related files could facilitate further attacks such as privilege escalation or lateral movement within networks. Organizations in sectors with stringent data protection requirements—such as finance, healthcare, and government—face heightened risks. Additionally, the compromise of identity management systems undermines trust and can disrupt business operations. Since the vulnerability requires no authentication or user interaction and can be exploited remotely, the attack surface is broad, increasing the likelihood of exploitation if systems remain unpatched. The lack of known exploits in the wild does not reduce the urgency, as public disclosure may prompt attackers to develop exploits.
Mitigation Recommendations
1. Immediate upgrade of FusionAuth installations to version 1.41.3 or later, where the vulnerability is patched. 2. If immediate upgrade is not feasible, implement network-level controls such as web application firewalls (WAFs) with custom rules to detect and block directory traversal patterns in HTTP requests targeting FusionAuth endpoints. 3. Restrict file system permissions for the user running the FusionAuth process to the minimum necessary, ensuring it cannot read sensitive files outside the application scope. 4. Monitor FusionAuth logs for suspicious HTTP requests containing traversal sequences or unusual file access patterns. 5. Conduct regular security audits and penetration testing focused on identity management systems to detect similar vulnerabilities. 6. Employ segmentation and isolation of identity management infrastructure to limit exposure in case of compromise. 7. Educate security teams about this vulnerability to ensure rapid response and patch management. 8. Review and harden configuration files and credentials stored on the FusionAuth host to minimize sensitive data exposure.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mitre
- Date Reserved
- 2022-11-27T00:00:00.000Z
- Cisa Enriched
- true
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 682d983dc4522896dcbef497
Added to database: 5/21/2025, 9:09:17 AM
Last enriched: 6/22/2025, 7:35:28 AM
Last updated: 7/30/2025, 6:25:32 AM
Views: 7
Related Threats
CVE-2025-49898: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Xolluteon Dropshix
MediumCVE-2025-55207: CWE-601: URL Redirection to Untrusted Site ('Open Redirect') in withastro astro
MediumCVE-2025-49897: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in gopiplus Vertical scroll slideshow gallery v2
HighCVE-2025-49432: CWE-862 Missing Authorization in FWDesign Ultimate Video Player
MediumCVE-2025-55203: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in makeplane plane
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.