CVE-2023-22892

There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.
References
Link Resource
https://smartbear.com/security/cve/ Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:smartbear:zephyr_enterprise:*:*:*:*:*:*:*:*

History

14 Mar 2023, 20:20

Type Values Removed Values Added
CWE CWE-668
References (MISC) https://smartbear.com/security/cve/ - (MISC) https://smartbear.com/security/cve/ - Vendor Advisory
CPE cpe:2.3:a:smartbear:zephyr_enterprise:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

09 Mar 2023, 14:01

Type Values Removed Values Added
New CVE

Information

Published : 2023-03-08 21:15

Updated : 2024-02-04 23:14


NVD link : CVE-2023-22892

Mitre link : CVE-2023-22892

CVE.ORG link : CVE-2023-22892


JSON object : View

Products Affected

smartbear

  • zephyr_enterprise
CWE
CWE-668

Exposure of Resource to Wrong Sphere