Security Advisory

CVE-2022-24637

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-18 00:00:00

Last updated 2024-08-03 04:13:56

Assigner mitre

State PUBLISHED

Description

Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with <?php (instead of the intended "<?php sequence) arent handled by the PHP interpreter.

← Browse all CVEs View on cve.org ↗