Vulnerability CVE-2022-23854


Published: 2022-12-23

Description:
AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 Path Traversal
Jens Regel
12.11.2022

Type:

CWE-23

(Relative Path Traversal)

 References:
https://www.cisa.gov/uscert/ics/advisories/icsa-22-342-02

Copyright 2024, cxsecurity.com

 

Back to Top