CVE-2022-27192

Name of the Vulnerable Software and Affected Versions DVS Avilys versions prior to 3.5.58

Description The issue affects the Reporting module in the DVS Avilys document management system, allowing unauthorized file download. An unauthenticated attacker can impersonate an administrator by reading administrative files.

Recommendations For versions prior to 3.5.58, update to version 3.5.58 or later to resolve the issue. As a temporary workaround, consider restricting access to the Reporting module to minimize the risk of exploitation.