CVE-2022-45184: 
Ironman Software PowerShell Universal vulnerability analysis and mitigation

The Web Server in Ironman Software PowerShell Universal v3.x and v2.x contains a directory traversal vulnerability (CVE-2022-45184) that was discovered and disclosed on November 11th, 2022. This vulnerability allows remote attackers with administrator privileges to create, delete, update, and display files outside of the configuration directory through crafted HTTP requests to specific web server endpoints. The affected versions include PowerShell Universal 3.x versions prior to 3.5.3 and 3.4.7 (Vendor Advisory).

The vulnerability stems from invalid path validation in the web server component that allowed administrator users to construct HTTP requests capable of creating files outside of the PowerShell Universal repository (configuration) directory. The vulnerability has been assigned a CVSS v3.1 base score of 7.2 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. The vulnerability is classified as CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (NVD).

The vulnerability allows authenticated administrators to perform unauthorized file operations outside the intended configuration directory scope. This includes the ability to create, delete, update, and display files in arbitrary locations on the system, potentially leading to system compromise or unauthorized access to sensitive data (Vendor Advisory).

The vulnerability has been patched in PowerShell Universal versions 3.5.3 and 3.4.7. Organizations using affected versions should upgrade to these patched versions to remediate the vulnerability. The fix addresses the path validation issues that allowed for directory traversal (Vendor Advisory).

The vulnerability was responsibly disclosed by security researcher Thierry Viaccoz to Ironman Software through their Vulnerability Response Policy. The vendor promptly addressed the issue by releasing patched versions (Vendor Advisory).