CVE-2022-47879: Code Injection
First published: Fri May 05 2023(Updated: )
A Remote Code Execution (RCE) vulnerability in /be/rpc.php in Jedox 2020.2.5 allows remote authenticated users to load arbitrary PHP classes from the 'rtn' directory and execute its methods.
Credit: Team Syslifters cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jedox Palo | =2020.2.5 | |
| Jedox Cloud |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-47879?
CVE-2022-47879 is classified as a high-severity Remote Code Execution vulnerability.
How do I fix CVE-2022-47879?
To fix CVE-2022-47879, upgrade to a patched version of Jedox that resolves this vulnerability.
Who is affected by CVE-2022-47879?
CVE-2022-47879 affects users of Jedox version 2020.2.5 and those using Jedox Cloud.
What type of vulnerability is CVE-2022-47879?
CVE-2022-47879 is a Remote Code Execution (RCE) vulnerability.
What can an attacker do with CVE-2022-47879?
An attacker exploiting CVE-2022-47879 can load and execute arbitrary PHP classes from the 'rtn' directory.
- exploited/true
- collector/exploitdb-recent
- alias/CVE-2022-47879
- agent/type
- agent/references
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- vendor/jedox
- canonical/jedox palo
- version/jedox palo/2020.2.5
- canonical/jedox cloud