CVE-2022-38297

Critical

UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning.

mitre·CWE-565·Published 2022-09-12

CVSS

9.8

EPSS

0.01

KEV

Exploits

cve.orgen

100 chars

UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning.

NVDen

100 chars

UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning.

NVDes

135 chars

UCMS versión v1.6.0, contiene una vulnerabilidad de omisión de autenticación que es explotada por medio de un envenenamiento de cookies

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H