CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-22520

A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.0%

CVSS Severity

CVSS v3 Score 5.3

References

Products affected by CVE-2022-22520

Helmholz » Myrex24.virtual » Version: 2.11.2

cpe:2.3:a:helmholz:myrex24.virtual:2.11.2
Helmholz » Myrex24 » Version: 2.11.2

cpe:2.3:a:helmholz:myrex24:2.11.2
Mbconnectline » Mbconnect24 » Version: N/A

cpe:2.3:a:mbconnectline:mbconnect24:-
Mbconnectline » Mbconnect24 » Version: 2.11.2

cpe:2.3:a:mbconnectline:mbconnect24:2.11.2
Mbconnectline » Mbconnect24 » Version: 2.5.0

cpe:2.3:a:mbconnectline:mbconnect24:2.5.0
Mbconnectline » Mbconnect24 » Version: 2.6.1

cpe:2.3:a:mbconnectline:mbconnect24:2.6.1
Mbconnectline » Mbconnect24 » Version: 2.6.2

cpe:2.3:a:mbconnectline:mbconnect24:2.6.2
Mbconnectline » Mbconnect24 » Version: 2.8.0

cpe:2.3:a:mbconnectline:mbconnect24:2.8.0
Mbconnectline » Mymbconnect24 » Version: N/A

cpe:2.3:a:mbconnectline:mymbconnect24:-
Mbconnectline » Mymbconnect24 » Version: 2.11.2

cpe:2.3:a:mbconnectline:mymbconnect24:2.11.2
Mbconnectline » Mymbconnect24 » Version: 2.5.0

cpe:2.3:a:mbconnectline:mymbconnect24:2.5.0
Mbconnectline » Mymbconnect24 » Version: 2.6.1

cpe:2.3:a:mbconnectline:mymbconnect24:2.6.1
Mbconnectline » Mymbconnect24 » Version: 2.6.2

cpe:2.3:a:mbconnectline:mymbconnect24:2.6.2
Mbconnectline » Mymbconnect24 » Version: 2.8.0

cpe:2.3:a:mbconnectline:mymbconnect24:2.8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-22520

Products

Pricing

Contact Us