CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-34908

An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in a request. Therefore, an attacker may send a simple HTTP request to the right endpoint, and obtain authorization to retrieve application data.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.7%

CVSS Severity

CVSS v3 Score 8.2

References

https://cds.thalesgroup.com/en/tcs-cert/CVE-2022-34908
https://excellium-services.com/cert-xlm-advisory/CVE-2022-34908
https://www.aremis.com/en_GB/welcome
https://excellium-services.com/cert-xlm-advisory/CVE-2022-34908
https://www.aremis.com/en_GB/welcome

Products affected by CVE-2022-34908

Aremis » Aremis 4 Nomads » Version: N/A

cpe:2.3:a:aremis:aremis_4_nomads:-
Aremis » Aremis 4 Nomads » Version: 1.5.0

cpe:2.3:a:aremis:aremis_4_nomads:1.5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-34908

Products

Pricing

Contact Us