3 matches found
CVE-2022-4980
General Bytes CAS suffered an authentication bypass in the admin web interface affecting versions 20201208–20220531.38 (backport) and 20220725.22 (mainline). An unauthenticated attacker could hit the default/install/first-admin page to create a new admin account, gain privileges, and redirect fun...
CVE-2022-4980 General Bytes Crypto Application Server (CAS) Unauthenticated Creation of Admin Account via Default-installation/First-admin Page
General Bytes Crypto Application Server CAS beginning with version 20201208 prior to 20220531.38 backport and 20220725.22 mainline contains an authentication bypass in the admin web interface. An unauthenticated attacker could invoke the same URL used by the product's default-installation /...
CVE-2022-4980 General Bytes Crypto Application Server (CAS) Unauthenticated Creation of Admin Account via Default-installation/First-admin Page
General Bytes Crypto Application Server CAS beginning with version 20201208 prior to 20220531.38 backport and 20220725.22 mainline contains an authentication bypass in the admin web interface. An unauthenticated attacker could invoke the same URL used by the product's default-installation /...