PT-2023-14638 · Temenos · Temenos Cwx
Whitebearvn
·
Published
2023-06-21
·
Updated
2024-12-06
·
CVE-2022-45287
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Temenos CWX version 8.5.6
Description
The issue is related to an access control problem in the Registration.aspx file, allowing authenticated attackers to escalate privileges and execute arbitrary administrative commands.
Recommendations
For Temenos CWX version 8.5.6, consider restricting access to the Registration.aspx file until a patch is available. As a temporary workaround, limit the privileges of authenticated users to prevent them from performing administrative commands.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Temenos Cwx