Vulnerability in Objectfirst Ootbi
CVE-2022-44795
An issue was discovered in Object First Ootbi BETA build 1.0.7.712. A flaw was found in the Web Service, which could lead to local information disclosure. The command that creates the URL for the support bundle uses an insecure RNG. That c…
EPSS: 0.005 (40.4th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Objectfirst Ootbi
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (Vendor Advisory)
Frequently asked questions
- What is CVE-2022-44795?
- CVE-2022-44795 is a medium-severity vulnerability in Objectfirst Ootbi, classified under Use of Insufficiently Random Values. CVSS score: 6.5/10. Published 2022-11-07.
- How severe is CVE-2022-44795?
- Medium severity. CVSS v3 base score is 6.5 out of 10.