Vulnerabilities > CVE-2023-22892 - Exposure of Resource to Wrong Sphere vulnerability in Smartbear Zephyr Enterprise

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
smartbear
CWE-668

Summary

There exists an information disclosure vulnerability in SmartBear Zephyr Enterprise through 7.15.0 that could be exploited by unauthenticated users to read arbitrary files from Zephyr instances.

Common Weakness Enumeration (CWE)