Vulnerabilities > CVE-2022-2893 - Unspecified vulnerability in Ronds Equipment Predictive Maintenance 1.19.5
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |