CVE-2022-42892

CVE-2022-42892

Vendor Siemens

Product syngo Dynamics

Weakness CWE-23

Published November 17, 2022

Last update April 30, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow directory listing in any folder accessible to the account assigned to the website’s application pool.

Key dates

02Disclosure timeline

November 17, 2022 CVE published

April 30, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-42892 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/23.html

Related vulnerabilities

01Description

02Disclosure timeline

03References

04Related CVE