An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to modify these entries and set the executable path and parameters.
History

Wed, 23 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-07-25T00:00:00

Updated: 2024-10-29T13:37:44.930Z

Reserved: 2022-12-09T00:00:00

Link: CVE-2022-46900

cve-icon Vulnrichment

Updated: 2024-08-03T14:47:27.662Z

cve-icon NVD

Status : Modified

Published: 2023-07-25T20:15:13.087

Modified: 2024-11-21T07:31:16.370

Link: CVE-2022-46900

cve-icon Redhat

No data.