CVE-2022-23342

EPSS 0.54% · P68 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-23342

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The Hyland Onbase Application Server releases prior to 20.3.58.1000 and OnBase releases 21.1.1.1000 through 21.1.15.1000 are vulnerable to a username enumeration vulnerability. An attacker can obtain valid users based on the response returned for invalid and valid users by sending a POST login request to the /mobilebroker/ServiceToBroker.svc/Json/Connect endpoint. This can lead to user enumeration against the underlying Active Directory integrated systems.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Hyland Onbase Application Server 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Hyland Onbase Application Server是美国Hyland公司的一个企业信息平台服务器。旨在管理内容、流程和案例。 Hyland Onbase Application Server 20.3.58.1000之前版本、Onbase 21.1.1.1000版本至21.1.15.1000版本存在安全漏洞。攻击者利用该漏洞通过向 /mobilebroker/ServiceToBroker.svc/Json/Connect 端点发送 POST 登录请求，从而获取有效用户的枚举值。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2022-23342

#	POC Description	Source Link	Shenlong Link
1	None	https://github.com/InitRoot/CVE-2022-23342	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-23342

请登录查看更多情报信息。

Same Patch Batch · n/a · 2022-06-21 · 37 CVEs total

CVE-2022-33048		Online Railway Reservation system SQL注入漏洞
CVE-2022-31786		IdeaLMS 跨站脚本漏洞
CVE-2022-29774		iSpyConnect iSpy 路径遍历漏洞
CVE-2022-29775		iSpyConnect iSpy 授权问题漏洞
CVE-2022-31478		ILIAS plugin UserTakeOver 安全漏洞
CVE-2022-33056		Online Railway Reservation system SQL注入漏洞
CVE-2022-33055		Online Railway Reservation system SQL注入漏洞
CVE-2022-25585		Unioncms 跨站脚本漏洞
CVE-2022-33049		Online Railway Reservation system SQL注入漏洞
CVE-2021-41924		Webkul krayin crm 跨站脚本漏洞
CVE-2022-33119		NUUO Network Video Recorder 跨站脚本漏洞
CVE-2022-31373		Contec SolarView Compact 跨站脚本漏洞
CVE-2022-31374		Contec SolarView Compact 代码问题漏洞
CVE-2022-32414		Nginx 资源管理错误漏洞
CVE-2022-31307		Nginx 资源管理错误漏洞
CVE-2022-31306		Nginx 资源管理错误漏洞
CVE-2022-31303		Maccms 跨站脚本漏洞
CVE-2022-31302		Maccms 跨站脚本漏洞
CVE-2022-27872		Autodesk Navisworks 安全漏洞
CVE-2021-40511		OBDA systems Mastro 安全漏洞

Showing top 20 of 37 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2022-23342

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-23342

I. Basic Information for CVE-2022-23342

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-23342

III. Intelligence Information for CVE-2022-23342

Same Patch Batch · n/a · 2022-06-21 · 37 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-23342

Leave a comment