exploitDog

CVE-2022-47076

Опубликовано: 28 фев. 2023

Источник: nvd

CVSS3: 7.5

EPSS Средний

Описание

An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to view sensitive information via DisplayParallelLogData.aspx.

Ссылки

http://packetstormsecurity.com/files/173093/Smart-Office-Web-20.28-Information-Disclosure-Insecure-Direct-Object-Reference.html
https://cvewalkthrough.com/smart-office-suite-cve-2022-47076-cve-2022-47075/
Exploit
Third Party Advisory
https://cvewalkthrough.com/smart-office-suite-unauthenticated-data-ex/
Broken Link
https://youtu.be/D42upepxzwM
Permissions Required
http://packetstormsecurity.com/files/173093/Smart-Office-Web-20.28-Information-Disclosure-Insecure-Direct-Object-Reference.html
https://cvewalkthrough.com/smart-office-suite-cve-2022-47076-cve-2022-47075/
Exploit
Third Party Advisory
https://cvewalkthrough.com/smart-office-suite-unauthenticated-data-ex/
Broken Link
https://youtu.be/D42upepxzwM
Permissions Required

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:smartofficepayroll:smartoffice:*:*:*:*:web:*:*:*

Версия до 20.28 (включая)

EPSS

Процентиль: 95%

0.18292

Средний

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-pw3p-p75r-9r3f

CVSS3: 7.5

github

почти 3 года назад

An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to view sensitive information via DisplayParallelLogData.aspx.

EPSS

Процентиль: 95%

0.18292

Средний

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo