CVE-2022-45183

Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. Patched Versions are 3.5.3, 3.4.7, and 2.12.6.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ironmansoftware:powershell_universal:*:*:*:*:*:*:*:*
cpe:2.3:a:ironmansoftware:powershell_universal:*:*:*:*:*:*:*:*
cpe:2.3:a:ironmansoftware:powershell_universal:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:28

Type Values Removed Values Added
New CVE

Information

Published : 2022-11-14 08:15

Updated : 2024-11-21 07:28


NVD link : CVE-2022-45183

Mitre link : CVE-2022-45183

CVE.ORG link : CVE-2022-45183


JSON object : View

Products Affected

ironmansoftware

  • powershell_universal
CWE
CWE-269

Improper Privilege Management