CVE-2022-22520

🗓️ 14 Sep 2022 14:05:30Reported by CERTVDEType

cve🔗 web.nvd.nist.gov📰️ 6 Media mentions👁 59 Views

Remote, unauthenticated attacker can enumerate valid users on MB connect line mymbCONNECT24, mbCONNECT24, Helmholz myREX24, and myREX24.virtual through v2.11.2

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2022-22520	7 Sep 202210:00	–	attackerkb
Circl	CVE-2022-22520	14 Sep 202218:26	–	circl
CNNVD	MB CONNECT LINE mymbCONNECT24 安全漏洞	14 Sep 202200:00	–	cnnvd
Cvelist	CVE-2022-22520 User enumeration vulnerability in MB connect line and Helmholz products	14 Sep 202214:05	–	cvelist
EUVD	EUVD-2022-27666	3 Oct 202520:07	–	euvd
NVD	CVE-2022-22520	14 Sep 202214:15	–	nvd
OSV	CVE-2022-22520	14 Sep 202214:15	–	osv
Prion	Code injection	14 Sep 202214:15	–	prion
Positive Technologies	PT-2022-15490 · Helmholz +1 · Myrex24.Virtual +2	14 Sep 202200:00	–	ptsecurity

NVD

Vulners

Node

mbconnectline mbconnect24Range≤2.11.2

mbconnectline mymbconnect24Range≤2.11.2

Node

helmholz myrex24Range≤2.11.2

helmholz myrex24.virtualRange≤2.11.2

[
  {
    "product": "mymbCONNECT24",
    "vendor": "MB connect line",
    "versions": [
      {
        "lessThanOrEqual": "2.11.2",
        "status": "affected",
        "version": "2",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "mbCONNECT24",
    "vendor": "MB connect line",
    "versions": [
      {
        "lessThanOrEqual": "2.11.2",
        "status": "affected",
        "version": "2",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "myREX24",
    "vendor": "Helmholz",
    "versions": [
      {
        "lessThanOrEqual": "2.11.2",
        "status": "affected",
        "version": "2",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "myREX24.virtual",
    "vendor": "Helmholz",
    "versions": [
      {
        "lessThanOrEqual": "2.11.2",
        "status": "affected",
        "version": "2",
        "versionType": "custom"
      }
    ]
  }
]