Zurück zur CVE-Übersicht
CVE-2022-38577
HIGH(8.8)CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Risk Signal Score22/100 — NIEDRIG
- CVSS 8.8 — Hoch
EPSS-Score
2%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
8.8
Technische Schwere
Beschreibung
ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators.
Referenzen
- http://packetstormsecurity.com/files/168427/ProcessMaker-Privilege-Escalation.ht...
- https://drive.google.com/file/d/1iP9NYUkYEy_FGMpcnTkUWn8nGcqDT02_/view?usp=shari...
- http://packetstormsecurity.com/files/168427/ProcessMaker-Privilege-Escalation.ht...
- http://processmaker.com
- https://drive.google.com/file/d/1iP9NYUkYEy_FGMpcnTkUWn8nGcqDT02_/view?usp=shari...