Vulnerability Description
The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in the version 19.05.03.01.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Parantezteknoloji | Koha Library Automation | < 19.05.03.01 |
Related Weaknesses (CWE)
References
- https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0635
- https://www.usom.gov.tr/bildirim/tr-22-0635Third Party Advisory
- https://www.usom.gov.tr/bildirim/tr-22-0635Third Party Advisory
FAQ
What is CVE-2022-0495?
CVE-2022-0495 is a vulnerability with a CVSS score of 9.4 (CRITICAL). The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in the version 19.05.03.01.
How severe is CVE-2022-0495?
CVE-2022-0495 has been rated CRITICAL with a CVSS base score of 9.4/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-0495?
Check the references section above for vendor advisories and patch information. Affected products include: Parantezteknoloji Koha Library Automation.