Vulnerabilities (CVE)

Filtered by vendor Vocera Subscribe
Filtered by product Voice Server
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-46902 1 Vocera 2 Report Server, Voice Server 2024-10-30 N/A 7.5 HIGH
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. During the unzip operation, the code takes file paths from the ZIP archive and writes them to a Vocera temporary directory. Unfortunately, the code does not properly check if the file paths include directory traversal payloads that would escape the intended destination.
CVE-2022-46900 1 Vocera 2 Report Server, Voice Server 2024-10-29 N/A 6.5 MEDIUM
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to modify these entries and set the executable path and parameters.
CVE-2022-46901 1 Vocera 2 Report Server, Voice Server 2024-02-05 N/A 7.5 HIGH
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an Access Control Violation for Database Operations. The Vocera Report Console contains a websocket interface that allows for the unauthenticated execution of various tasks and database functions. This includes system tasks, and backing up, loading, and clearing of the database.
CVE-2022-46898 1 Vocera 2 Report Server, Voice Server 2024-02-05 N/A 9.8 CRITICAL
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal via the "restore SQL data" filename. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. The filename provided is not properly sanitized and allows for the inclusion of a path-traversal payload that can be used to escape the intended Vocera restoration directory. An attacker could exploit this vulnerability to point to a crafted ZIP archive that contains SQL commands that could be executed against the database.
CVE-2022-46899 1 Vocera 2 Report Server, Voice Server 2024-02-05 N/A 7.5 HIGH
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Arbitrary File Upload. The BaseController class, that each of the service controllers derives from, allows for the upload of arbitrary files. If the HTTP request is a multipart/form-data POST request, any parameters with a filename entry will have their content written to a file in the Vocera upload-staging directory with the specified filename in the parameter.