CVE-2022-40756
8.8
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
If folder security is misconfigured for Actian Zen PSQL BEFORE Patch Update 1 for Zen 15 SP1 (v15.11.005), Patch Update 4 for Zen 15 (v15.01.017), or Patch Update 5 for Zen 14 SP2 (v14.21.022), it can allow an attacker (with file read/write access) to remove specific security files in order to reset the master password and gain access to the database.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.actian.com/support-services/
- https://actian.my.salesforce.com/sfc/p/#300000001XnW/a/4y000000LhjZ/s7Hk0dFM1Z9nLuAPa50rMaZie7mqCR5u33NZFbdKT7Q
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://www.actian.com/support-services/
- https://actian.my.salesforce.com/sfc/p/#300000001XnW/a/4y000000LhjZ/s7Hk0dFM1Z9nLuAPa50rMaZie7mqCR5u33NZFbdKT7Q
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.