Unrated severityNVD Advisory· Published Jan 25, 2022· Updated Aug 3, 2024

Charactell - FormStorm Enterprise Account Take Over

CVE-2022-22789

Description

Charactell - FormStorm Enterprise Account takeover – An attacker can modify (add, remove and update) passwords file for all the users. The xx_users.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existing password in the file.

Affected products

Charactell/Formstorm Enterprisev5
Range: FormStorm Enterprise version 9.00.065 9.00.065

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.gov.il/en/departments/faq/cve_advisoriesmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000