OvalEdge Account Takeover via Privileged User Modification (CVE-2022-30358/30357/30355)

From this webpage screenshot, we can extract the following key information about the vulnerability: 1. Vulnerability Name: - Account Takeover - CVE IDs: CVE-2022-30358, CVE-2022-30357, CVE-2022-30355 2. Affected Versions: - OvalEdge 5.2.8.0 and earlier versions 3. Vulnerability Description: - Account Takeover - Change local privileged user password (authenticated): By sending a POST request to with parameters and , an attacker can change the password of a local privileged user. - Account Takeover - Change local privileged user email address (authenticated): By sending a POST request to with parameters and , an attacker can change the email address of a local privileged user. - Account Takeover - Change SAML/SSO privileged user email address (authenticated): By sending a POST request to with parameters and , an attacker can change the email address of a SAML/SSO privileged user. 4. Exploitation Example: - Example CURL Request: Demonstrates how to use a CURL command to send a POST request and exploit these vulnerabilities. 5. Affected Users: - Local Privileged Users: Including administrators and users with specific roles. - SAML/SSO Privileged Users: Privileged users authenticated via SAML/SSO. 6. Remediation Recommendations: - Update to the Latest Version: Users are advised to update to the latest version of OvalEdge 5.2.8.0. - Configure SMTP: For email reset functionality, proper SMTP configuration is required to send password reset emails. This information helps users understand the nature of the vulnerability, the scope of impact, and how to remediate it.

Goal Reached Thanks to every supporter — we hit 100%!

OvalEdge Account Takeover via Privileged User Modification (CVE-2022-30358/30357/30355)