CVE-2022-2265

The Identity and Directory Management System developed by Çekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.25

high 7.5 CVSS 3.1

Published: Sep 21, 2022

Modified: May 20, 2026

Vendor: Identity And Directory Management System Project

Product: Identity And Directory Management System

Description

The Identity and Directory Management System developed by Çekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.25

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0636
https://www.usom.gov.tr/bildirim/tr-22-0636
https://www.usom.gov.tr/bildirim/tr-22-0636

CVSS Breakdown

Version	3.1
Score	7.5 / 10
Severity	high

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Weakness (CWE)

CWE-35

Affected Product

Vendor	Identity And Directory Management System Project
Product	Identity And Directory Management System