OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine key to send serialized payload to the server to execute arbitrary code, manipulate system data and disrupt service.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: twcert
Published: 2022-08-04T09:15:28.816526Z
Updated: 2024-09-16T20:57:26.072Z
Reserved: 2022-06-10T00:00:00
Link: CVE-2022-32965
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-08-04T10:15:08.250
Modified: 2022-10-26T02:49:21.977
Link: CVE-2022-32965
Redhat
No data.