Lucene search
MitreCVE-2022-38619HistorySep 21, 2022 - 12:15 a.m.
CVE-2022-38619
2022-09-2100:15:10
CWE-89
mitre
web.nvd.nist.gov
41
7
cve-2022-38619
smartvista
svfe2
sql injection
userform
vulnerability
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
53.1%
SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /SVFE2/pages/feegroups/mcc_group.jsf.
Affected configurations
Node
bpcbtsmartvista_front-endMatch2.2.22
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bpcbt | smartvista_front-end | 2.2.22 | cpe:2.3:a:bpcbt:smartvista_front-end:2.2.22:*:*:*:*:*:*:* |
References
Social References
More
Related
cvelist
cvelist
CVE-2022-38619
2022-09-20 23:59:47
prion
prion
Sql injection
2022-09-21 00:15:00
nvd
nvd
CVE-2022-38619
2022-09-21 00:15:10
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
53.1%
Related for CVE-2022-38619