CVE-2022-46901

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jul 25, 2023

Updated: Aug 1, 2023

CWE ID 668

Summary

CVE-2022-46901 is a serious vulnerability affecting Vocera Report Server and Voice Server 5.x through 5.8. The issue involves an Access Control Violation for Database Operations. Hackers can exploit this weakness through the unauthenticated websocket interface in the Vocera Report Console. This interface permits the unauthorized execution of tasks and database functions, including system tasks and operations like backing up, loading, and clearing of the database. This poses a significant risk to the security and integrity of impacted systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sHVAEx
https://www.cve.org/CVERecord?id=CVE-2022-46901
https://nvd.nist.gov/vuln/detail/CVE-2022-46901

Back to Vulnerability Database

CVE-2022-46901

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations