CVE-2022-29303 — SolarView Compact Command Injection Vulnerability
2023-07-13 • CISA Known Exploited Vulnerability
[event] SolarView Compact contains a command injection vulnerability due to improper validation of input values on the send test mail console of the product's web server.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | SolarView |
| Product | Compact |
| CWE | CWE-78 |
| CVE ID | CVE-2022-29303 |
| Date Added | 2023-07-13 |
| Due Date | 2023-08-03 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.
Due Date: 2023-08-03