CVE-2022-24038

MEDIUM 6.5

Unauthorized modification in Karmasis Informatics Infraskope SIEM+

CVSS Score

6.5

EPSS Score

0.0%

EPSS Percentile

0th

Karmasis Informatics Infraskope SIEM+ has an unauthenticated access vulnerability which could allow an unauthenticated attacker to damage the page where the agents are listed.

CWE	CWE-284
Vendor	karmasis informatics
Product	infraskope siem+
Published	Nov 18, 2022
Last Updated	Sep 17, 2024

Stay Ahead of the Next One

Get instant alerts for karmasis informatics infraskope siem+

Be the first to know when new medium vulnerabilities affecting karmasis informatics infraskope siem+ are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

Low

Affected Versions

Karmasis Informatics / Infraskope SIEM+

0 < 7.10.xx

References

NVD ↗ CVE.org ↗ EPSS Data ↗

usom.gov.tr: https://www.usom.gov.tr/bildirim/tr-22-0691 karmasis.com: https://karmasis.com/urunlerimiz/infraskope-siem/

Credits

Gokhan SAHIN