Vulnerability CVE-2022-29596


Published: 2022-05-11

Description:
MicroStrategy Enterprise Manager 2022 allows authentication bypass by triggering a login failure and then entering the Uid=/../../../../../../../../../../../windows/win.ini%00.jpg&Pwd=_any_password_&ConnMode=1&3054=Login substring for directory traversal.

 References:
https://github.com/haxpunk1337/Microstrategy-Poc/blob/main/poc

Copyright 2026, cxsecurity.com

 

Back to Top