CVE-2022-44938

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
08/12/2022
Last modified:
23/04/2025

Description

Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attackers to execute a full account takeover via a brute force attack.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:seeddms:seeddms:5.1.7:*:*:*:*:*:*:*
cpe:2.3:a:seeddms:seeddms:6.0.20:*:*:*:*:*:*:*