CVE Published: 19/07/2022 |
CVE Updated: 03/08/2024 |
CVE Year: 2022 Source: HYPR |
Vendor: HYPR |
Product: HYPR Windows WFA Status : PUBLISHED
CVE-2022-1984 Description
This issue affects: HYPR Windows WFA versions prior to 7.2; Unsafe Deserialization vulnerability in HYPR Workforce Access (WFA) before version 7.2 may allow local authenticated attackers to elevate privileges via a malicious serialized payload.
Metrics
CVSS Version: 3.1 |
Base Score: 4.5 MEDIUM Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
l➤ Exploitability Metrics: Attack Vector (AV)* LOCAL Attack Complexity (AC)* HIGH Privileges Required (PR)* LOW User Interaction (UI)* NONE Scope (S)* UNCHANGED