aEnrich a+HRD has improper validation for login function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access API function to perform arbitrary system command or disrupt service.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-6795-f7fe6-1.html | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: twcert
Published: 2023-01-03T00:00:00
Updated: 2023-01-03T00:00:00
Reserved: 2022-08-30T00:00:00
Link: CVE-2022-39042
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-01-03T03:15:09.877
Modified: 2023-01-10T02:16:34.780
Link: CVE-2022-39042
JSON object: View
Redhat Information
No data.
CWE