Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2022-24387
Modified
More InfoOfficial Page
Source-csirt@divd.nl
View Known Exploited Vulnerability (KEV) details
Published At-14 Mar, 2022 | 13:15
Updated At-21 Nov, 2024 | 06:50

With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Primary3.17.2HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary2.06.5MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
CPE Matches
smartertools
smartertools
>>smartertrack>>Versions from 100.0.8019(inclusive) to 100.0.8075(exclusive)
cpe:2.3:a:smartertools:smartertrack:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-434Secondarycsirt@divd.nl
CWE-434Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://csirt.divd.nl/CVE-2022-24387/csirt@divd.nl
N/A
https://csirt.divd.nl/DIVD-2021-00029csirt@divd.nl
Third Party Advisory
VDB Entry
https://csirt.divd.nl/DIVD-2021-00029af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://csrit.divd.nl/CVE-2022-24387af854a3a-2127-422b-91ae-364da2661108
N/A
Change History
0Changes found
Details not found