PT-2022-22664 · Unknown · Endpoint Manager
Published
2022-12-05
·
Updated
2022-12-07
·
CVE-2022-35259
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Endpoint Manager versions 2022.3 and below
Description
The issue allows for XML injection, which can lead to the download of a malicious file. This file may run and potentially execute, resulting in the gain of unauthorized privileges.
Recommendations
For Endpoint Manager versions 2022.3 and below, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Endpoint Manager