CVE-2022-22733

CVE-2022-22733: Access-Token in ElasticJob UI causes password disclosure

Vendor Apache Software Foundation

Product Apache ShardingSphere ElasticJob-UI

Weakness CWE-200 · Info exposure

Published January 20, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache ShardingSphere ElasticJob-UI allows an attacker who has guest account to do privilege escalation. This issue affects Apache ShardingSphere ElasticJob-UI Apache ShardingSphere ElasticJob-UI 3.x version 3.0.0 and prior versions.

Key dates

02Disclosure timeline

January 20, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-22733

Related vulnerabilities

04Related CVE

CVE-2025-22895 CVE-2023-31404 Information Disclosure in SAP BusinessObjects Business Intelligence Platform (Central Management Service) CVE-2017-6651 CVE-2022-20811 Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities CVE-2026-7381 Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting