CVE-2022-50788
Unknown
Unknown - Not Provided
Information Disclosure in SOUND4 IMPACT/PULSE <=2.x via Unauthenticated Log Access
Publication date: 2025-12-30
Last updated on: 2025-12-30
Assigner: VulnCheck
Description
Description
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive log files. Attackers can directly browse the /log directory to retrieve system and sensitive information without authentication.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sound4 | impact | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-548 | The product inappropriately exposes a directory listing with an index of all the resources located inside of the directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in SOUND4 IMPACT/FIRST/PULSE/Eco versions up to 2.x, where unauthenticated attackers can access sensitive log files by directly browsing the /log directory without needing to authenticate.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized disclosure of sensitive system and log information, which may be used by attackers to gain insights into the system, potentially aiding further attacks or exploitation.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70