An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an Access Control Violation for Database Operations. The Vocera Report Console contains a websocket interface that allows for the unauthenticated execution of various tasks and database functions. This includes system tasks, and backing up, loading, and clearing of the database.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-07-25T00:00:00
Updated: 2024-08-03T14:47:27.859Z
Reserved: 2022-12-09T00:00:00
Link: CVE-2022-46901
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-07-25T20:15:13.157
Modified: 2023-08-01T01:32:04.767
Link: CVE-2022-46901
Redhat
No data.