QSearchQSearch

CVE-2022-24036

8.6 HIGH

Karmasis Informatics Infraskope SIEM+ has an unauthenticated access vulnerability which could allow an unauthenticated attacker to modifi...

Published: 2022-11-16 · Last updated: 2026-05-20

Severity and scoring

CVSS
8.6 HIGH
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
CWE
CWE-284

Affected products

VendorProduct
karmasisinfraskope_siem\+

Description

Karmasis Informatics Infraskope SIEM+ has an unauthenticated access vulnerability which could allow an unauthenticated attacker to modificate logs.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2022-24038 Karmasis Informatics Infraskope SIEM+ has an unauthenticated access vulnerability which could allow an unauthenticated attacker to damag... (6.5 MEDIUM)
  • CVE-2022-24037 Karmasis Informatics Infraskope SIEM+ has an unauthenticated access vulnerability which could allow an unauthenticated attacker to obta... (8.2 HIGH)

Same CWE

  • CVE-2026-47261 Wasmtime is a runtime for WebAssembly (7.5 HIGH)
  • CVE-2026-50892 Incorrect access control in the "Let's Encrypt" certificate download endpoint of Nginx Proxy Manager v2.14.0 allows authenticated attacke... (6.5 MEDIUM)
  • CVE-2026-50891 Incorrect access control in the /admin/api/config component of Filestash v0.4.0 allows attackers to escalate privileges via sending a cra... (8.1 HIGH)
  • CVE-2026-50886 Incorrect access control in the webhook management component of Project Firefly III v6.5.9 allows attackers to scan internal resources vi... (9.1 CRITICAL)
  • CVE-2026-50885 Incorrect access control in the share-based read endpoints of Sismics Docs (Teedy) v1.11 allow unauthorized attackers to access sensitive... (7.5 HIGH)