CVE-2022-44795

CVE-2022-44795

An issue was discovered in Object First 1.0.7.712. A flaw was found in the Web Service, which could lead to local information disclosure. The command that creates the URL for the support bundle uses an insecure RNG. That can lead to prediction of the generated URL. As a result, an attacker can get access to system logs. An attacker would need credentials to exploit this vulnerability. This is fixed in 1.0.13.1611.

Source: CVE-2022-44795

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다