CVE-2022-24038 MEDIUM

CVE-2022-24038: Unauthorized modification in Karmasis Informatics Infraskope SIEM+

Vendor Karmasis Informatics
Product Infraskope SIEM+
Weakness CWE-284
Published November 18, 2022
Last update May 20, 2026

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

What the vulnerability does

01Description

Karmasis Informatics Infraskope SIEM+ has an unauthenticated access vulnerability which could allow an unauthenticated attacker to damage the page where the agents are listed.

Key dates

02Disclosure timeline

November 18, 2022 CVE published
May 20, 2026 Record updated