CVE-2022-23858

A flaw was found in the REST API. An improperly handled REST API call could allow any logged user to elevate privileges up to the system account. This affects StarWind Command Center build 6003 v2.

Published: Jan 24, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-23858
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
starwindsoftware / command_center	2-build_6003	2-build_6003.x

https://www.starwindsoftware.com/security/sw-20220121-0001/

Vulnerability Database

289,599

CVE-2022-23858