Unrated severityNVD Advisory· Published Sep 14, 2022· Updated Sep 17, 2024
User enumeration vulnerability in MB connect line and Helmholz products
CVE-2022-22520
Description
A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8<=2.11.2+ 1 more
- (no CPE)range: <=2.11.2
- (no CPE)range: 2
<=2.11.2+ 3 more
- (no CPE)range: <=2.11.2
- (no CPE)range: <=2.11.2
- (no CPE)range: 2
- (no CPE)range: 2
Patches
Vulnerability mechanics
References
2- cert.vde.com/en/advisories/VDE-2022-011mitrex_refsource_CONFIRM
- cert.vde.com/en/advisories/VDE-2022-039mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.