Lucene search
MitreCVE-2022-24631HistoryMay 29, 2023 - 9:15 p.m.
CVE-2022-24631
2023-05-2921:15:09
CWE-79
mitre
web.nvd.nist.gov
24
cve-2022-24631
audiocodes
device manager express
xss
security vulnerability
nvd
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
6.9
Confidence
High
EPSS
0.001
Percentile
23.5%
An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is stored XSS via the ajaxTenants.php desc parameter.
Affected configurations
Node
audiocodesdevice_manager_expressRange≤7.8.20002.47752
| Vendor | Product | Version | CPE |
|---|---|---|---|
| audiocodes | device_manager_express | * | cpe:2.3:a:audiocodes:device_manager_express:*:*:*:*:*:*:*:* |
References
Related
cvelist
cvelist
CVE-2022-24631
2023-05-29 00:00:00
prion
prion
Cross site scripting
2023-05-29 21:15:00
nvd
nvd
CVE-2022-24631
2023-05-29 21:15:09
exploitdb
exploitdb
Device Manager Express 7.8.20002.47752 - Remote Code Execution (RCE)
2023-03-30 00:00:00
packetstorm
packetstorm
zdt
zdt
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
6.9
Confidence
High
EPSS
0.001
Percentile
23.5%
Related for CVE-2022-24631