1. Home
  2. CVE Database
  3. CVE-2022-50788
HIGH · 7.5

CVE-2022-50788

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive log files. Attackers can directly browse the /log directo...

Vulnerability Description

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive log files. Attackers can directly browse the /log directory to retrieve system and sensitive information without authentication.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
Sound4First Firmware2.15
Sound4First2.0
Sound4Impact Eco Firmware1.16
Sound4Impact Eco-
Sound4Pulse Eco Firmware1.16
Sound4Pulse Eco-
Sound4Big Voice4 Firmware1.2
Sound4Big Voice4-
Sound4Big Voice2 Firmware1.30
Sound4Big Voice2-
Sound4Wm2 Firmware1.11
Sound4Wm2-
Sound4Impact Firmware2.15
Sound4Impact2.0
Sound4Pulse Firmware2.15
Sound4Pulse2.0
Sound4Stream Extension2.4.29

Related Weaknesses (CWE)

CWE-548

References

FAQ

What is CVE-2022-50788?

CVE-2022-50788 is a vulnerability with a CVSS score of 7.5 (HIGH). SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive log files. Attackers can directly browse the /log directo...

How severe is CVE-2022-50788?

CVE-2022-50788 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-50788?

Check the references section above for vendor advisories and patch information. Affected products include: Sound4 First Firmware, Sound4 First, Sound4 Impact Eco Firmware, Sound4 Impact Eco, Sound4 Pulse Eco Firmware.