CVE-2022-29287
low-risk
Published 2022-04-16
Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights (default is Administrator) to export the user options of any user, even ones with higher privileges (like Global Administrators) than the current user. The exported XML contains every option of the exported user (even the hashed password).
Do I need to act?
0.27% chance of exploitation (EPSS score: low exploit probability)
Not on CISA KEV list (no confirmed active exploitation reported to CISA)
Patch status unknown (check vendor advisories for fix availability and mitigation guidance)
CVSS 4.9/10 (Medium); attack vector: NETWORK; attack complexity: LOW
Affected Products (1)
Affected Vendors
References (4)
Release Notes
https://devnet.kentico.com/download/hotfixes
Risk score: 26/100 (low-risk)
Severity: 20/34 · Moderate
Exploitability: 1/34 · Minimal
Exposure: 5/34 · Minimal