CVE-2022-2893

CVSS 8.2 HIGHEPSS 0.7%CWE-22

RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Produtos afetados

RONDS · Equipment Predictive Maintenance Solution

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-02