CVE-2022-34907
First published: Mon Jul 25 2022(Updated: )
An authentication bypass vulnerability exists in FileWave before 14.6.3 and 14.7.x before 14.7.2. Exploitation could allow an unauthenticated actor to gain access to the system with the highest authority possible and gain full control over the FileWave platform.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FileWave | <14.6.3 | |
| FileWave | >=14.7.0<14.7.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-34907?
CVE-2022-34907 is classified as a critical authentication bypass vulnerability, allowing unauthorized access to the FileWave platform.
How do I fix CVE-2022-34907?
To fix CVE-2022-34907, upgrade to FileWave version 14.6.3 or 14.7.2 and ensure all previous versions are patched.
What systems are affected by CVE-2022-34907?
CVE-2022-34907 affects FileWave versions earlier than 14.6.3 and versions 14.7.0 to 14.7.1.
Can CVE-2022-34907 be exploited remotely?
Yes, CVE-2022-34907 can be exploited by an unauthenticated remote attacker with no prior access requirements.
What are the potential impacts of CVE-2022-34907?
Exploitation of CVE-2022-34907 can allow attackers full control over the FileWave platform, jeopardizing system integrity and data security.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/author
- vendor/filewave
- canonical/filewave
- version/filewave/14.7.0