Vulnerability CVE-2022-38168
Published: 2022-11-03

Description:
** UNSUPPORTED WHEN ASSIGNED ** Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows remote unauthenticated attackers to bypass the login page, access sensitive information, and reset user passwords via URL modification.

 References:
https://medium.com/@rob_nes/avaya-scopia-pathfinder-broken-access-control-ac792e995bae
Copyright 2026, cxsecurity.com

 

Back to Top