CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-27192

The Reporting module in Aseco Lietuva document management system DVS Avilys before 3.5.58 allows unauthorized file download. An unauthenticated attacker can impersonate an administrator by reading administrative files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.6%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://github.com/transcendent-group/advisories/blob/main/CVE-2022-27192.md
https://lt.asseco.com/sprendimai/dokumentu-valdymas/dvs-avilys/
https://github.com/transcendent-group/advisories/blob/main/CVE-2022-27192.md
https://lt.asseco.com/sprendimai/dokumentu-valdymas/dvs-avilys/

Products affected by CVE-2022-27192

Asseco » Dvs Avilys » Version: Any

cpe:2.3:a:asseco:dvs_avilys:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-27192

Products

Pricing

Contact Us