Search criteria
2 vulnerabilities found for Çekino Bilgi Teknolojileri by Çekino Bilgi Teknolojileri
CVE-2022-2265 (GCVE-0-2022-2265)
Vulnerability from cvelistv5 – Published: 2022-09-21 13:45 – Updated: 2025-05-29 18:29
VLAI?
Title
Path traversal in Identity and Directory Management System
Summary
The Identity and Directory Management System developed by Çekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.25
Severity ?
7.5 (High)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Çekino Bilgi Teknolojileri | Çekino Bilgi Teknolojileri |
Affected:
unspecified , < 2.1.25
(custom)
|
Credits
Onurhan ERDOGDU
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:32:09.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.usom.gov.tr/bildirim/tr-22-0636"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-2265",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-27T18:42:09.628640Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-29T18:29:02.880Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "\u00c7ekino Bilgi Teknolojileri",
"vendor": "\u00c7ekino Bilgi Teknolojileri",
"versions": [
{
"lessThan": "2.1.25",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Onurhan ERDOGDU"
}
],
"datePublic": "2022-09-20T21:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe Identity and Directory Management System developed by \u00c7ekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.25\u003c/p\u003e"
}
],
"value": "The Identity and Directory Management System developed by \u00c7ekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.25"
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35 Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T09:13:31.939Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.usom.gov.tr/bildirim/tr-22-0636"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eVulnerable Identity and Directory Management System module should be updated to the 2.1.25 version provided by the vendor. \u003c/p\u003e"
}
],
"value": "Vulnerable Identity and Directory Management System module should be updated to the 2.1.25 version provided by the vendor."
}
],
"source": {
"advisory": "TR-22-0636",
"defect": [
"TR-22-0636"
],
"discovery": "EXTERNAL"
},
"title": "Path traversal in Identity and Directory Management System",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@usom.gov.tr",
"DATE_PUBLIC": "2022-09-21T13:20:00.000Z",
"ID": "CVE-2022-2265",
"STATE": "PUBLIC",
"TITLE": "Path traversal in Identity and Directory Management System"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "\u00c7ekino Bilgi Teknolojileri",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.1.25"
}
]
}
}
]
},
"vendor_name": "\u00c7ekino Bilgi Teknolojileri"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Onurhan Erdo\u011fdu"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Identity and Directory Management System developed by \u00c7ekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.25"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-35: Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.usom.gov.tr/bildirim/tr-22-0636",
"refsource": "CONFIRM",
"url": "https://www.usom.gov.tr/bildirim/tr-22-0636"
}
]
},
"solution": [
{
"lang": "en",
"value": "Vulnerable Identity and Directory Management System module should be updated to the 2.1.25 version provided by the vendor."
}
],
"source": {
"advisory": "TR-22-0636",
"defect": [
"TR-22-0636"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2022-2265",
"datePublished": "2022-09-21T13:45:18.149Z",
"dateReserved": "2022-06-30T00:00:00.000Z",
"dateUpdated": "2025-05-29T18:29:02.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2265 (GCVE-0-2022-2265)
Vulnerability from nvd – Published: 2022-09-21 13:45 – Updated: 2025-05-29 18:29
VLAI?
Title
Path traversal in Identity and Directory Management System
Summary
The Identity and Directory Management System developed by Çekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.25
Severity ?
7.5 (High)
CWE
- CWE-35 - Path Traversal: '.../...//'
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Çekino Bilgi Teknolojileri | Çekino Bilgi Teknolojileri |
Affected:
unspecified , < 2.1.25
(custom)
|
Credits
Onurhan ERDOGDU
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:32:09.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.usom.gov.tr/bildirim/tr-22-0636"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-2265",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-27T18:42:09.628640Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-29T18:29:02.880Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "\u00c7ekino Bilgi Teknolojileri",
"vendor": "\u00c7ekino Bilgi Teknolojileri",
"versions": [
{
"lessThan": "2.1.25",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Onurhan ERDOGDU"
}
],
"datePublic": "2022-09-20T21:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe Identity and Directory Management System developed by \u00c7ekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.25\u003c/p\u003e"
}
],
"value": "The Identity and Directory Management System developed by \u00c7ekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.25"
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-35",
"description": "CWE-35 Path Traversal: \u0027.../...//\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-06T09:13:31.939Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.usom.gov.tr/bildirim/tr-22-0636"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eVulnerable Identity and Directory Management System module should be updated to the 2.1.25 version provided by the vendor. \u003c/p\u003e"
}
],
"value": "Vulnerable Identity and Directory Management System module should be updated to the 2.1.25 version provided by the vendor."
}
],
"source": {
"advisory": "TR-22-0636",
"defect": [
"TR-22-0636"
],
"discovery": "EXTERNAL"
},
"title": "Path traversal in Identity and Directory Management System",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@usom.gov.tr",
"DATE_PUBLIC": "2022-09-21T13:20:00.000Z",
"ID": "CVE-2022-2265",
"STATE": "PUBLIC",
"TITLE": "Path traversal in Identity and Directory Management System"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "\u00c7ekino Bilgi Teknolojileri",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.1.25"
}
]
}
}
]
},
"vendor_name": "\u00c7ekino Bilgi Teknolojileri"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Onurhan Erdo\u011fdu"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Identity and Directory Management System developed by \u00c7ekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.25"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-35: Path Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.usom.gov.tr/bildirim/tr-22-0636",
"refsource": "CONFIRM",
"url": "https://www.usom.gov.tr/bildirim/tr-22-0636"
}
]
},
"solution": [
{
"lang": "en",
"value": "Vulnerable Identity and Directory Management System module should be updated to the 2.1.25 version provided by the vendor."
}
],
"source": {
"advisory": "TR-22-0636",
"defect": [
"TR-22-0636"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2022-2265",
"datePublished": "2022-09-21T13:45:18.149Z",
"dateReserved": "2022-06-30T00:00:00.000Z",
"dateUpdated": "2025-05-29T18:29:02.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}