PT-2022-22628 · Unknown · Contract Management System
Published
2022-08-18
·
Updated
2023-08-08
·
CVE-2022-35198
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Contract Management System version 2.0
Description
The issue is related to a weak default password in the Contract Management System, which allows attackers to access database connection information.
Recommendations
For Contract Management System version 2.0, change the default password to a strong and unique one to prevent unauthorized access to database connection information.
Exploit
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Contract Management System