Vulnerability Details CVE-2022-28719
Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote unauthenticated attacker with some knowledge on the system configuration to upload a crafted configuration file to the managing server, which may result in the managed clients to execute arbitrary code with the administrative privilege.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.07
EPSS Ranking 91.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 9.3
References