CVE-2022-27969
Description
Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of decoy users via a crafted GET request sent to /WebApp/DeceptionUser/GetAllDeceptionUsers.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An unauthenticated attacker can retrieve the list of all decoy users via a crafted GET request to /WebApp/DeceptionUser/GetAllDeceptionUsers in Cynet 360 Web Portal before v4.5.
Vulnerability
In Cynet 360 Web Portal versions before v4.5, the endpoint /WebApp/DeceptionUser/GetAllDeceptionUsers does not enforce any authentication or authorization checks. A crafted GET request to this endpoint discloses the full list of decoy (deception) users configured in the system [1].
Exploitation
An attacker with no prior authentication or network privileges can send a GET request to /WebApp/DeceptionUser/GetAllDeceptionUsers. No special configuration or user interaction is required. The endpoint returns the list of decoy users in the response [1].
Impact
Successful exploitation reveals all decoy user accounts to an unauthenticated attacker. This information can be used to identify and avoid detection by the deception system, undermining the effectiveness of the decoy-based threat detection [1].
Mitigation
Update Cynet 360 Web Portal to version 4.5 or later. No workaround is documented; the fix is available in the vendor's platform. There is no indication this CVE is listed on CISA's Known Exploited Vulnerabilities catalog.
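Web access logs can be reviewed for requests to the endpoint named above, to see which clients asked for the decoy user list and which of them received a successful response. The script below is an added example, not part of the CVE record or of Cynet's code; the Combined Log Format, the trusted-address allowlist and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# Endpoint from the CVE description, lowercased for case-insensitive matching.
ENDPOINT = "/webapp/deceptionuser/getalldeceptionusers"

# Assumption: Combined Log Format lines from a proxy in front of the portal.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

def normalize_path(target):
    """Drop the query string, decode percent-escapes, collapse slashes, lowercase."""
    path = unquote(urlsplit(target).path)
    return re.sub(r"/{2,}", "/", path).rstrip("/").lower()

def find_decoy_list_requests(lines, trusted_ips=frozenset()):
    """Map client IP -> [(timestamp, status, auth_user)] for GETs to ENDPOINT."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "GET" or m["ip"] in trusted_ips:
            continue
        if normalize_path(m["target"]) == ENDPOINT:
            hits[m["ip"]].append((m["ts"], int(m["status"]), m["user"]))
    return dict(hits)

def clients_answered(hits):
    """Clients that got a 2xx reply, i.e. may have received the decoy list."""
    return sorted(ip for ip, reqs in hits.items()
                  if any(200 <= status < 300 for _, status, _ in reqs))

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.23 - - [12/Apr/2022:10:15:02 +0000] "GET /WebApp/DeceptionUser/GetAllDeceptionUsers HTTP/1.1" 200 1843 "-" "-"',
    '198.51.100.23 - - [12/Apr/2022:10:15:09 +0000] "GET /webapp/deceptionuser/GetAllDeceptionUsers?_=1 HTTP/1.1" 200 1843 "-" "-"',
    '203.0.113.7 - - [12/Apr/2022:10:20:41 +0000] "GET /WebApp/%44eceptionUser//GetAllDeceptionUsers/ HTTP/1.1" 401 0 "-" "-"',
    '192.0.2.10 - admin [12/Apr/2022:10:21:00 +0000] "GET /WebApp/DeceptionUser/GetAllDeceptionUsers HTTP/1.1" 200 1843 "-" "-"',
    '192.0.2.55 - - [12/Apr/2022:10:22:13 +0000] "GET /WebApp/Dashboard HTTP/1.1" 200 5120 "-" "-"',
]

if __name__ == "__main__":
    found = find_decoy_list_requests(SAMPLE_LOG, trusted_ips={"192.0.2.10"})
    for ip, reqs in found.items():
        print(ip, reqs)
    print("received a 2xx response:", clients_answered(found))
```

Decoy accounts returned to an untrusted client should be treated as known to that client and rotated, since alerts tied to them no longer indicate an uninformed intruder.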
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Cynet/360 Web Portal
- Range: <4.5
Patches
No patches discovered yet.
References
- www.cynet.com/platform/ (mitre, x_refsource_MISC)
- www.srlabs.de/bites/edr-security (mitre, x_refsource_MISC)