CVE-2022-24860

Summary

Databasir is a team-oriented relational database model document management platform. Databasir 1.01 has Use of Hard-coded Cryptographic Key vulnerability. An attacker can use hard coding to generate login credentials of any user and log in to the service background located at different IP addresses.

Affected Software

VendorProductVersion RangeStatus
vran-devdatabasir> 1.0.1affected

Weaknesses

  • CWE-321: CWE-321: Use of Hard-coded Cryptographic Key

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References