Inadequate Authorization in smart eVision Allows Unauthorized Access to Sensitive Information

Inadequate Authorization in smart eVision Allows Unauthorized Access to Sensitive Information

CVE-2022-39030 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

smart eVision has inadequate authorization for system information query function. An unauthenticated remote attacker, who is not explicitly authorized to access the information, can access sensitive information.

Learn more about our Web Application Penetration Testing UK.