How severe is CVE-2022-20736?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2022-20736?

This is classified as CWE-939, which is a common weakness in software security.

CVE-2022-20736 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

A vulnerability in the web-based management interface of Cisco AppDynamics Controller Software could allow an unauthenticated, remote attacker to access a configuration file and the login page for an administrative console that they would not normally have authorization to access. This vulnerability is due to improper authorization checking for HTTP requests that are submitted to the affected web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected instance of AppDynamics Controller. A successful exploit could allow the attacker to access the login page for an administrative console. AppDynamics has released software updates that address this vulnerability.

Related Vulnerabilities

CVE-2024-35298

MEDIUM

CVSS:4.3(Medium)

Improper authorization in handler for custom URL scheme issue in 'ZOZOTOWN' App for Android versions prior to 7.39.6 allows an attacker to lead a user to access an arbitrary website via another applic...

CWE-9392024

CVE-2024-45203

MEDIUM

CVSS:4.3(Medium)

Improper authorization in handler for custom URL scheme issue in "@cosme" App for Android versions prior 5.69.0 and "@cosme" App for iOS versions prior to 6.74.0 allows an attacker to lead a user to a...

CWE-9392024

CVE-2025-5020

MEDIUM

CVSS:4.3(Medium)

Opening maliciously-crafted URLs in Firefox from other apps such as Safari could have allowed attackers to spoof website addresses if the URLs utilized non-HTTP schemes used internally by the Firefox ...

CWE-9392025

CVE-2020-11000

MEDIUM

CVSS:6.5(Medium)

GreenBrowser before version 1.2 has a vulnerability where apps that rely on URL Parsing to verify that a given URL is pointing to a trust server may be susceptible to many different ways to get URL pa...

CWE-9392020

CVE-2024-54014

LOW

CVSS:3.6(Low)

Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead the application to...

CWE-9392024

CVE-2023-43582

HIGH

CVSS:8.8(High)

Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access.

CWE-9392023