Spoofing

2022-04-1120:15:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.8%

JSON

A non-admin user with user management permission can escalate his privilege to admin user via password reset functionality. The vulnerability affects Incapptic Connect version < 1.40.1.

CPENameOperatorVersion
incapptic_connectlt1.40.2

CPE	Name	Operator	Version
	incapptic_connect	lt	1.40.2

References

excellium-services.com/cert-xlm-advisory/cve-2022-22572/

forums.ivanti.com/s/article/Security-Advisory-for-incapptic-Connect-SA-2022-03-10?language=en_US