How severe is CVE-2022-45895?

CVE-2022-45895 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2022-45895

Name: planet_estream
Author: planetestream

6.5MEDIUM

Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie (findable in HTML source code for Default.aspx in some situations) and the WhoAmI endpoint (e.g., path disclo

Published: 12/25/2022Updated: 4/14/2025

Description

Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie (findable in HTML source code for Default.aspx in some situations) and the WhoAmI endpoint (e.g., path disclosure).

AI AnalysisPowered by AI

Affected Products

planetestreamplanet_estream

References

https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/
ExploitThird Party Advisory
https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/
ExploitThird Party Advisory