CVE-2022-36781

WiseConnect - ScreenConnect Session Code Bypass. An attacker would have to use a proxy to monitor the traffic, and perform a brute force on the session code in order to get in. Sensitive data about the company , get in a session.
References
Link Resource
https://www.gov.il/en/Departments/faq/cve_advisories Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:connectwise:connectwise:*:*:*:*:*:*:*:*

Information

Published : 2022-09-28 08:15

Updated : 2022-11-10 03:58


NVD link : CVE-2022-36781

Mitre link : CVE-2022-36781

Products Affected
No products.
CWE
CWE-307

Improper Restriction of Excessive Authentication Attempts