Vector Strings

Severity Score: 9.8
Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9

Access Vector (AV):
Access Complexity (AC):
Authentication (AU): NONE
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Published Date: 2022-02-17
Last Modified: 2022-02-25

CVE-2022-22916

About:
O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke.

References

https://github.com/wendell1224/O2OA-POC/blob/main/POC.md
http://o2oa.com

Related CVEs

No related CVEs.

Empower Your Security Strategy with Rainforest

Discover vulnerabilities early, prioritize critical threats, and protect what truly matters. Rainforest streamlines your security operations, saving you time and reducing costs, so you can focus on what drives your business forward.

Book a Demo