CVE-2022-34365
Severity
6.5MEDIUM
EPSS
0.5%
top 34.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 10
Latest updateAug 11
Description
WMS 3.7 contains a Path Traversal Vulnerability in Device API. An attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6