Access Control Flaw in Lin CMS Spring Boot by Mesec
CVE-2022-32430

7.5HIGH

Key Information:

Vendor: Talelin
Status: Lin-cms-spring-boot
Vendor: CVE Published:; 21 July 2022

What is CVE-2022-32430?

An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to bypass security measures, enabling unauthorized access to sensitive backend information and functionalities. This vulnerability poses significant risks as attackers can exploit it to manipulate application behaviors and data without appropriate permissions.

References

https://www.mesec.cn/archives/278

x_refsource_MISC

https://www.mesec.cn/archives/277

x_refsource_MISC

EPSS Score

77% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 21, 2022
Vulnerability Reserved
Jun 5, 2022

CVE-2022-32430 Data

JSON

Talelin

What is CVE-2022-32430?

References

EPSS Score

CVSS V3.1

Timeline