An issue was discovered in Object... CVE-2022-44795

- AV AC AU C I A
发布: 2024-12-11
修订: 2024-12-11

An issue was discovered in Object First 1.0.7.712. A flaw was found in the Web Service, which could lead to local information disclosure. The command that creates the URL for the support bundle uses an insecure RNG. That can lead to prediction of the generated URL. As a result, an attacker can get access to system logs. An attacker would need credentials to exploit this vulnerability. This is fixed in 1.0.13.1611.

0%
暂无可用Exp或PoC
当前有0条受影响产品信息