CVE-2022-37027

moderate-risk
Published 2022-09-21

Ahsay AhsayCBS 9.1.4.0 allows an authenticated system user to inject arbitrary Java JVM options. Administrators that can modify the Runtime Options in the web interface can inject Java Runtime Options. These take effect after a restart. For example, an attacker can enable JMX services and consequently achieve remote code execution as the system user.

Do I need to act?

~
6.2% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.2/10 High
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Ahsay

References (10)

Release Notes https://wiki.ahsay.com/doku.php?id=public:resources:release_notes_v9320
Product https://www.ahsay.com/jsp/en/downloads/ahsay-downloads_latest-software_ahsaycbs....
Permissions Required https://www.ahsay.com/partners/en/home/index.jsp?pageContentKey=ahsay_assets_lat...
Third Party Advisory https://www.compass-security.com/en/research/advisories
Exploit https://www.compass-security.com/fileadmin/Research/Advisories/2022_12_CSNC-2022...
Release Notes https://wiki.ahsay.com/doku.php?id=public:resources:release_notes_v9320
Product https://www.ahsay.com/jsp/en/downloads/ahsay-downloads_latest-software_ahsaycbs....
Permissions Required https://www.ahsay.com/partners/en/home/index.jsp?pageContentKey=ahsay_assets_lat...
Third Party Advisory https://www.compass-security.com/en/research/advisories
Exploit https://www.compass-security.com/fileadmin/Research/Advisories/2022_12_CSNC-2022...
40
/ 100
moderate-risk
Severity 26/34 · High
Exploitability 9/34 · Low
Exposure 5/34 · Minimal