VYPR
Medium severity5.5NVD Advisory· Published Jun 9, 2022· Updated Jun 17, 2026

CVE-2022-25804

CVE-2022-25804

Description

An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. Insecure permissions for the serverconfig registry key (under JavaSoft\Prefs\de\igel\rm\config in HKEY_LOCAL_MACHINE\SOFTWARE) allow an unprivileged local attacker to read the encrypted dbuser and dbpassword values for the UMS superuser.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • IGEL/Universal Management Suitedescription
  • IGEL/IGEL OSllm-fuzzy
    Range: 6.07.100

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.