CVE-2022-48367

🗓️ 12 Mar 2023 05:12:15Reported by [email protected]Type

eZ Publish Ibexa Kernel 7.5.28 security flaw in object state access control

Reporter	Title	Published	Views	Family All 7
Vulnrichment	CVE-2022-48367	12 Mar 202300:00	–	vulnrichment
Cvelist	CVE-2022-48367	12 Mar 202300:00	–	cvelist
CVE	CVE-2022-48367	12 Mar 202305:15	–	cve
OSV	Access control issue in ezsystems/ezpublish-kernel	12 Mar 202306:30	–	osv
Prion	Design/Logic Flaw	12 Mar 202305:15	–	prion
Veracode	Improper Access Control	17 Mar 202303:01	–	veracode
Github Security Blog	Access control issue in ezsystems/ezpublish-kernel	12 Mar 202306:30	–	github

Nvd

Node

ibexa digital_experience_platformRange3.3.0–3.3.18

ibexa digital_experience_platformRange4.0.0–4.0.5

ibexa digital_experience_platformRange4.1.0–4.1.2

ibexa ezplatform-http-cache-fastlyRange1.1.0–1.1.9

ibexa ezplatform-http-cache-fastlyRange2.0.0–2.0.11

ibexa fastlyRange4.0.0–4.0.5

ibexa fastlyRange4.1.0–4.1.2

ibexa ez_platform_kernelRange1.3.0–1.3.17

ibexa ez_platform_kernelRange7.5.0–7.5.28

ibexa kernelRange4.0.0–4.0.7

ibexa kernelRange4.1.0–4.1.4

Source	Link
developers	www.developers.ibexa.co/security-advisories/ibexa-sa-2022-004-ineffective-object-state-limitation-and-unauthenticated-fastly-purge
github	www.github.com/ezsystems/ezpublish-kernel/security/advisories/GHSA-5x4f-7xgq-r42x

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

12 Mar 2023 05:15Current

9.5High risk

Vulners AI Score9.5

CVSS39.8

EPSS0.00196

CWE-862