CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-44030

Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission checks. Depending on the configuration, this may require login as a registered user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.9%

CVSS Severity

CVSS v3 Score 7.5

References

https://www.redmine.org/news/139
https://www.redmine.org/projects/redmine/wiki/Security_Advisories
https://www.redmine.org/news/139
https://www.redmine.org/projects/redmine/wiki/Security_Advisories

Products affected by CVE-2022-44030

Redmine » Redmine » Version: 5.0.0

cpe:2.3:a:redmine:redmine:5.0.0
Redmine » Redmine » Version: 5.0.1

cpe:2.3:a:redmine:redmine:5.0.1
Redmine » Redmine » Version: 5.0.2

cpe:2.3:a:redmine:redmine:5.0.2
Redmine » Redmine » Version: 5.0.3

cpe:2.3:a:redmine:redmine:5.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-44030

Products

Pricing

Contact Us