The following are the vulnerable pages. You can refer to them before performing a testing. - The “Edit” tab in the “My Organization”, “Settings”, “General”, and “System Settings”. - The “Create” tab in the “My Organization”, “Settings”, “General”, and “System Settings”. - The “Create” tab in the “Default”, “Role”, “Role Group”, “Task”, “Task Group”, “Application”, “Application Role”, “Application Group”, “Application”, “System Settings”, and “System Settings General”. - The “Create” tab in the “My Organization”, “Settings”, “General”, and “System Settings”. - The “Create” tab in the “Default”, “Role”, “Role Group”, “Task”, “Task Group”, “Application”, “Application Role”, “Application Group”, “Application”, “System Settings”, and “System Settings General”. Note - The

Analysis of CVE-2022-35226

The vulnerability can be found on the “System Settings” page of the application. There are two vulnerable areas that allow attackers to change the system settings. One of those vulnerabilities is located on the “Create” tab and allows a user to change the name of an application. The other is located on the “Edit” tab and allows a user to change any system setting, including changing the ranking of their organization in search engines.

Ensure that you have the latest version of MFA & SSO

The following are the vulnerable pages. You can refer to them before performing a testing. - The “Edit” tab in the “My Organization”, “Settings”, “General”, and “System Settings”. - The “Create” tab in the “My Organization”, “Settings”, “General”, and “System Settings”. - The “Create” tab in the “Default”, “Role”, “Role Group”, “Task”, “Task Group”, “Application”, “Application Role”, "Application Group" , "Application" , "System Settings" , and "System Settings General" .

The following are the vulnerable pages. You can refer to them before performing a testing. - The "Edit" tab in the "My Organization", "Settings", 'General", and "System Settings". - The "Create" tab in the 'My Organization", "Settings", 'General', and "System Settings". - The "Create" tab in the 'Default', 'Role', 'Role Group', 'Task', 'Task Group' , 'Application', 'Application Role' , '' Application Group',' Application' , '' System Settings', and '' System Settings General'.

Results of the Testing

The following vulnerabilities were found in the above pages - The “Edit” tab in the “My Organization”, “Settings”, “General”, and “System Settings”. - The “Create” tab in the “My Organization”, “Settings”, “General”, and “System Settings”. - The “Create” tab in the “Default”, “Role”, “Role Group’startup title >"Test 2";">"Test 2";">"Default"."
- The "Create" tab in the "Default"."

Test Scenario

The following are the vulnerable pages. You can refer to them before performing a testing.
- The “Edit” tab in the “My Organization”, “Settings”, “General”, and “System Settings”.
- The “Create” tab in the “My Organization”, “Settings”, “General”, and “System Settings”.
- The “Create” tab in the “Default”, “Role”, “Role Group”, "Task" , "Task Group" , "Application" , "Application Role" , "Application Group" , "Application" , "System Settings" , and "System Settings General".
- The "Create" tab in the "My Organization", "Settings", "General", and System Settings.
- The "Create" tab in the 'Default', 'Role', 'Role Group' , 'Task' , 'Task Group' , 'Application' , 'Application Role' , 'Application Group' , 'Application' .

Timeline

Published on: 10/11/2022 21:15:00 UTC
Last modified on: 10/12/2022 17:28:00 UTC

References