CVE-2022-21828
CVE-2022-21828
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 3.7%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
04 Mar 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A user with high privilege access to the Incapptic Connect web console can remotely execute code on the Incapptic Connect server using a unspecified attack vector in Incapptic Connect version 1.40.0, 1.39.1, 1.39.0, 1.38.1, 1.38.0, 1.37.1, 1.37.0, 1.36.0, 1.35.5, 1.35.4 and 1.35.3.
Affected products
n/a · Ivanti Incapptic ConnectWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →