CVE-2022-22113

Summary

In DayByDay CRM, versions 2.2.0 through 2.2.1 (latest) are vulnerable to Insufficient Session Expiration. When a password has been changed by the user or by an administrator, a user that was already logged in, will still have access to the application even after the password was changed.

Affected Software

VendorProductVersion RangeStatus
BotteletDaybydayCRM2.2.0 < unspecifiedaffected

Weaknesses

  • CWE-613: CWE-613 Insufficient Session Expiration

ADP Enrichment

CVE Program Container

Additional References

References