Information Disclosure Vulnerability in SmartBear Zephyr Enterprise Allows Unauthorized File Access

Information Disclosure Vulnerability in SmartBear Zephyr Enterprise Allows Unauthorized File Access

CVE-2023-22892 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.

Learn more about our User Device Pen Test.