CVE-2022-34769 — MEDIUM (6.3)

Q: How severe is CVE-2022-34769?

CVE-2022-34769 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2022-34769?

Check the references section above for vendor advisories and patch information. Affected products include: Rashim Michlol.

Vulnerability Description

Michlol - rashim web interface Insecure direct object references (IDOR). First of all, the attacker needs to login. After he performs log into the system there are some functionalities that the specific user is not allowed to perform. However all the attacker needs to do in order to achieve his goals is to change the value of the ptMsl parameter and then the attacker can access sensitive data that he not supposed to access because its belong to another user.

CVSS Score

6.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Affected Products

Vendor	Product	Versions
Rashim	Michlol	< 187.4392

Related Weaknesses (CWE)

CWE-78

References

FAQ

What is CVE-2022-34769?

CVE-2022-34769 is a vulnerability with a CVSS score of 6.3 (MEDIUM). Michlol - rashim web interface Insecure direct object references (IDOR). First of all, the attacker needs to login. After he performs log into the system there are some functionalities that the specif...

How severe is CVE-2022-34769?

CVE-2022-34769 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-34769?

Check the references section above for vendor advisories and patch information. Affected products include: Rashim Michlol.