Vulnerability Details CVE-2022-38617
SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the voiceAudit:j_id97 parameter at /SVFE2/pages/audit/voiceaudit.jsf.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.1%
CVSS Severity
CVSS v3 Score 8.8
References
- http://bpcbt.com
- http://smartvista.com
- https://dtro.gitbook.io/note_cve/sql-injection-in-terminal-voice-audit-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38617
- http://bpcbt.com
- http://smartvista.com
- https://dtro.gitbook.io/note_cve/sql-injection-in-terminal-voice-audit-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38617
Products affected by CVE-2022-38617
-
cpe:2.3:a:bpcbt:smartvista:2.2.22