CVE-2022-34906

Published: Jul 25, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x before 14.7.2. Exploitation could allow an unauthenticated actor to decrypt sensitive information saved in FileWave, and even send crafted requests.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://kb.filewave.com/pages/viewpage.action?pageId=55544244

x_refsource_MISC

https://claroty.com/2022/07/25/blog-research-with-management-comes-risk-finding-flaws-in-filewave-mdm/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-34906

Description

Affected Products

References