8.8 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
59.2%
Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. Patched Versions are 3.5.3, 3.4.7, and 2.12.6.
blog.ironmansoftware.com/psu-2022-11-cve/
docs.powershelluniversal.com/changelog
ironmansoftware.com