Vulnerability Details CVE-2022-22845
QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the same 167f0db2-f83e-4baa-9736-d56064a5b415 JWT secret key across different customers' installations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.135
EPSS Ranking 93.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://sipcapture.org
- https://github.com/sipcapture/homer
- https://github.com/sipcapture/homer-app/commit/7f92f3afc8b0380c14af3d0fc1c365318a2d1591
- https://github.com/sipcapture/homer-app/compare/1.4.27...1.4.28
- http://sipcapture.org
- https://github.com/sipcapture/homer
- https://github.com/sipcapture/homer-app/commit/7f92f3afc8b0380c14af3d0fc1c365318a2d1591
- https://github.com/sipcapture/homer-app/compare/1.4.27...1.4.28
Products affected by CVE-2022-22845
-
cpe:2.3:a:qxip:homer_webapp:0.1.0
-
cpe:2.3:a:qxip:homer_webapp:1.0.1
-
cpe:2.3:a:qxip:homer_webapp:1.0.3
-
cpe:2.3:a:qxip:homer_webapp:1.1.12
-
cpe:2.3:a:qxip:homer_webapp:1.1.15
-
cpe:2.3:a:qxip:homer_webapp:1.1.16
-
cpe:2.3:a:qxip:homer_webapp:1.1.17
-
cpe:2.3:a:qxip:homer_webapp:1.1.2
-
cpe:2.3:a:qxip:homer_webapp:1.1.20
-
cpe:2.3:a:qxip:homer_webapp:1.1.21
-
cpe:2.3:a:qxip:homer_webapp:1.1.22
-
cpe:2.3:a:qxip:homer_webapp:1.1.23
-
cpe:2.3:a:qxip:homer_webapp:1.1.26
-
cpe:2.3:a:qxip:homer_webapp:1.1.27
-
cpe:2.3:a:qxip:homer_webapp:1.1.28
-
cpe:2.3:a:qxip:homer_webapp:1.1.29
-
cpe:2.3:a:qxip:homer_webapp:1.1.31
-
cpe:2.3:a:qxip:homer_webapp:1.1.32
-
cpe:2.3:a:qxip:homer_webapp:1.1.35
-
cpe:2.3:a:qxip:homer_webapp:1.1.37
-
cpe:2.3:a:qxip:homer_webapp:1.1.39
-
cpe:2.3:a:qxip:homer_webapp:1.1.4
-
cpe:2.3:a:qxip:homer_webapp:1.1.40
-
cpe:2.3:a:qxip:homer_webapp:1.1.6
-
cpe:2.3:a:qxip:homer_webapp:1.1.8
-
cpe:2.3:a:qxip:homer_webapp:1.2.0
-
cpe:2.3:a:qxip:homer_webapp:1.2.1
-
cpe:2.3:a:qxip:homer_webapp:1.2.2
-
cpe:2.3:a:qxip:homer_webapp:1.2.3
-
cpe:2.3:a:qxip:homer_webapp:1.2.4
-
cpe:2.3:a:qxip:homer_webapp:1.2.5
-
cpe:2.3:a:qxip:homer_webapp:1.2.6
-
cpe:2.3:a:qxip:homer_webapp:1.3.0
-
cpe:2.3:a:qxip:homer_webapp:1.3.1
-
cpe:2.3:a:qxip:homer_webapp:1.3.10
-
cpe:2.3:a:qxip:homer_webapp:1.3.11
-
cpe:2.3:a:qxip:homer_webapp:1.3.12
-
cpe:2.3:a:qxip:homer_webapp:1.3.13
-
cpe:2.3:a:qxip:homer_webapp:1.3.14
-
cpe:2.3:a:qxip:homer_webapp:1.3.15
-
cpe:2.3:a:qxip:homer_webapp:1.3.16
-
cpe:2.3:a:qxip:homer_webapp:1.3.17
-
cpe:2.3:a:qxip:homer_webapp:1.3.18
-
cpe:2.3:a:qxip:homer_webapp:1.3.19
-
cpe:2.3:a:qxip:homer_webapp:1.3.2
-
cpe:2.3:a:qxip:homer_webapp:1.3.20
-
cpe:2.3:a:qxip:homer_webapp:1.3.21
-
cpe:2.3:a:qxip:homer_webapp:1.3.22
-
cpe:2.3:a:qxip:homer_webapp:1.3.23
-
cpe:2.3:a:qxip:homer_webapp:1.3.24
-
cpe:2.3:a:qxip:homer_webapp:1.3.25
-
cpe:2.3:a:qxip:homer_webapp:1.3.26
-
cpe:2.3:a:qxip:homer_webapp:1.3.27
-
cpe:2.3:a:qxip:homer_webapp:1.3.28
-
cpe:2.3:a:qxip:homer_webapp:1.3.3
-
cpe:2.3:a:qxip:homer_webapp:1.3.4
-
cpe:2.3:a:qxip:homer_webapp:1.3.5
-
cpe:2.3:a:qxip:homer_webapp:1.3.6
-
cpe:2.3:a:qxip:homer_webapp:1.3.7
-
cpe:2.3:a:qxip:homer_webapp:1.3.8
-
cpe:2.3:a:qxip:homer_webapp:1.3.9
-
cpe:2.3:a:qxip:homer_webapp:1.4.0
-
cpe:2.3:a:qxip:homer_webapp:1.4.1
-
cpe:2.3:a:qxip:homer_webapp:1.4.13
-
cpe:2.3:a:qxip:homer_webapp:1.4.14
-
cpe:2.3:a:qxip:homer_webapp:1.4.15
-
cpe:2.3:a:qxip:homer_webapp:1.4.16
-
cpe:2.3:a:qxip:homer_webapp:1.4.17
-
cpe:2.3:a:qxip:homer_webapp:1.4.18
-
cpe:2.3:a:qxip:homer_webapp:1.4.2
-
cpe:2.3:a:qxip:homer_webapp:1.4.20
-
cpe:2.3:a:qxip:homer_webapp:1.4.21
-
cpe:2.3:a:qxip:homer_webapp:1.4.22
-
cpe:2.3:a:qxip:homer_webapp:1.4.23
-
cpe:2.3:a:qxip:homer_webapp:1.4.24
-
cpe:2.3:a:qxip:homer_webapp:1.4.25
-
cpe:2.3:a:qxip:homer_webapp:1.4.26
-
cpe:2.3:a:qxip:homer_webapp:1.4.27