CVE-2022-1401

High

Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an…

Bitdefender·CWE-863·Published 2022-08-16

CVSS

7.5

EPSS

0.18

KEV

Exploits

cve.orgen

275 chars

Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker to read sensitive server files with root permissions. This issue affects: Device42 CMDB versions prior to 18.01.00.

NVDen

275 chars

NVDes

303 chars

Una vulnerabilidad de Control de Acceso Inapropiado en la ruta /Exago/WrImageResource.adx usada en Device42 Asset Management Appliance permite a un atacante no autenticado leer archivos confidenciales del servidor con permisos root. Este problema afecta a: Device42 CMDB versiones anteriores a 18.01.00.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
3.1	Primary	cve.org	6.9	—	—	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N
3.1	Secondary	NVD	6.9	1.6	4.7	CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N