CVE-2022-22796

Sysaid – Sysaid System Takeover - An attacker can bypass the authentication process by accessing to: /wmiwizard.jsp, Then to: /ConcurrentLogin.jsp, then click on the login button, and it will redirect you to /home.jsp without any authentication.
References
Link Resource
https://www.gov.il/en/departments/faq/cve_advisories Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:sysaid:sysaid:*:*:*:*:on-premises:*:*:*
cpe:2.3:a:sysaid:sysaid:*:*:*:*:cloud:*:*:*

Information

Published : 2022-05-12 08:15

Updated : 2022-05-23 06:46


NVD link : CVE-2022-22796

Mitre link : CVE-2022-22796

Products Affected
No products.
CWE