← back
CVE-2022-2265

Path traversal in Identity and Directory Management System

CVSS 7.5 HIGHEPSS 0.7%CWE-35
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.5EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
21 Sep 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Identity and Directory Management System developed by Çekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.25
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
Çekino Bilgi Teknolojileri · Çekino Bilgi Teknolojileri

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0636https://www.usom.gov.tr/bildirim/tr-22-0636