Lucene search
MitreCVE-2022-47075HistoryFeb 28, 2023 - 11:15 p.m.
CVE-2022-47075
2023-02-2823:15:11
mitre
web.nvd.nist.gov
23
cve-2022-47075
smart office web
information security
sensitive information
vulnerability
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.3
Confidence
High
EPSS
0.029
Percentile
91.0%
An issue was discovered in Smart Office Web 20.28 and earlier allows attackers to download sensitive information via the action name parameter to ExportEmployeeDetails.aspx, and to ExportReportingManager.aspx.
Affected configurations
Node
smartofficepayrollsmartofficeRange≤20.28web
| Vendor | Product | Version | CPE |
|---|---|---|---|
| smartofficepayroll | smartoffice | * | cpe:2.3:a:smartofficepayroll:smartoffice:*:*:*:*:web:*:*:* |
Related
nvd
nvd
CVE-2022-47075
2023-02-28 23:15:11
prion
prion
Design/Logic Flaw
2023-02-28 23:15:00
nuclei
nuclei
Smart Office Web 20.28 - Information Disclosure
2023-10-17 07:20:28
cvelist
cvelist
CVE-2022-47075
2023-02-28 00:00:00
zdt
zdt
packetstorm
packetstorm
exploitdb
exploitdb
Smart Office Web 20.28 - Remote Information Disclosure (Unauthenticated)
2023-06-22 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
7.3
Confidence
High
EPSS
0.029
Percentile
91.0%
Related for CVE-2022-47075