aEnrich a+HRD has improper validation for login function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access API function to perform arbitrary system command or disrupt service.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-6795-f7fe6-1.html | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Information
Published : 2023-01-02 19:15
Updated : 2023-01-09 18:16
NVD link : CVE-2022-39042
Mitre link : CVE-2022-39042
JSON object : View
CWE
CWE-287
Improper Authentication
Products Affected
aenrich
- a\+hrd