CVE-2022-29287
CVSS 4.9 MEDIUM | EPSS 0.3% | 0 known exploits
Published: Apr 16, 2022
Status: Modified
Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vulnerability. It allows an attacker with user management rights (default is Administrator) to export the user options of any user, even ones with higher privileges (like Global Administrators) than the current user. The exported XML contains every option of the exported user (even the hashed password).
CVSS v3.1 • Source: [email protected]
Affected Products & Systems
1 product configuration affected
Metrics
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Confidentiality: HIGH
Integrity: NONE
Availability: NONE
Scope: UNCHANGED
Technical Details
Analysis Status: Modified
CVSS Details: 4.9 (MEDIUM), v3.1
Source: [email protected]
EPSS Details: 0.3% (Minimal), 50.1st percentile
Last updated: Oct 30, 2025
Exploitation probability within 30 days
Published Date: Apr 16, 2022 (3 years ago)
Last Modified: Nov 21, 2024 (11 months ago)
Security Weaknesses (1): CWE-639
References (2): NVD (general)