Browse all 4 CVE security advisories affecting Changing Information Technology Inc.. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Changing Information Technology Inc. specializes in enterprise software solutions for data management and workflow automation. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access control flaws. The company maintains four CVEs on record, with notable incidents including a 2021 authentication bypass that allowed unauthorized access to customer databases. Their security posture has shown improvement in recent releases, though legacy systems remain susceptible to common web application vulnerabilities. Regular security updates and penetration testing are recommended for organizations using their software.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-39058 | Changing Information Technology Inc. RAVA certificate validation system - Path Traversal — RAVA certificate validation systemCWE-22 | 7.5 | High | 2022-10-18 |
| CVE-2022-39057 | Changing Information Technology Inc. RAVA certificate validation system - Command Injection — RAVA certificate validation systemCWE-78 | 7.2 | High | 2022-10-18 |
| CVE-2022-39056 | Changing Information Technology Inc. RAVA certificate validation system - SQL Injection — RAVA certificate validation systemCWE-89 | 9.8 | Critical | 2022-10-18 |
| CVE-2022-39055 | Changing Information Technology Inc. RAVA certificate validation system - Server-Side Request Forgery (SSRF) — RAVA certificate validation systemCWE-918 | 5.3 | Medium | 2022-10-18 |
This page lists every published CVE security advisory associated with Changing Information Technology Inc.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.