Vulnerability in Objectfirst Ootbi

CVE-2022-44795

An issue was discovered in Object First Ootbi BETA build 1.0.7.712. A flaw was found in the Web Service, which could lead to local information disclosure. The command that creates the URL for the support bundle uses an insecure RNG. That c…

EPSS: 0.005 (40.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2022-44795?
CVE-2022-44795 is a medium-severity vulnerability in Objectfirst Ootbi, classified under Use of Insufficiently Random Values. CVSS score: 6.5/10. Published 2022-11-07.
How severe is CVE-2022-44795?
Medium severity. CVSS v3 base score is 6.5 out of 10.