Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-28719

April 28, 2022, 9:15 a.m. |

National Vulnerability Database nist.gov

Missing authentication for critical function in AssetView prior to Ver.13.2.0 allows a remote unauthenticated attacker with some knowledge on the system configuration to upload a crafted configuration file to the managing server, which may result in the managed clients to execute arbitrary code with the administrative privilege.

cve

Security Engineer I, Offensive Security Penetration Testing

@ Amazon.com | US, TX, Virtual Location - Texas

Cyber Security Engineer

@ GWA Group | Derrimut, Victoria, Australia

Threat Intelligence Consultant- Remote (Anywhere in the U.S.)

@ GuidePoint Security LLC | Remote

Senior Cloud Security Engineer

@ Reddit | Atlanta, GA

Information Security Officer

@ Vix Technology | Cambridge, England, United Kingdom

Information Security Manager (12m FTC)

@ PlayStation Global | United Kingdom, London

Vulnerability Management Engineer (Qualys)

@ Aperia | Dallas, Texas, United States - Remote

Information Security Officer (US)

@ Form3 | 100% Remote - New York

Information Systems Security Officer (ISSO)

@ Spry Methods | Denver, CO

Client Manager - Cybersecurity - Nashville Enterprise

@ Optiv | Nashville, TN

Threat Analyst | Remote, USA

@ Optiv | Minneapolis, MN

Senior Cyber Security SME

@ Node.Digital | Dulles, Virginia, United States