CVE-2022-47554

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Sep 19, 2023

Updated: Aug 3, 2024

CWE ID 200

Summary

CVE-2022-47554 is a vulnerability affecting ekorCCP and ekorRCI where sensitive information is exposed in various .xml files. A remote attacker can exploit this vulnerability to obtain critical information, including credentials, without needing authentication within the web server. This issue poses a significant risk as it allows unauthorized access to sensitive data, potentially leading to data breaches or further system compromise. Organizations using these applications are advised to apply the available patches as soon as possible to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Ormazabal

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/suuWte
https://www.cve.org/CVERecord?id=CVE-2022-47554
https://nvd.nist.gov/vuln/detail/CVE-2022-47554

Back to Vulnerability Database

CVE-2022-47554

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations