Login Sign Up

CVE-2022-2019

7.3 HIGH
Authentication Bypass

📋 TL;DR

This critical vulnerability in Prison Management System 1.0 allows attackers to bypass authorization controls during new user creation. Attackers can remotely exploit this to create unauthorized user accounts with elevated privileges. Organizations using this software are affected.

💻 Affected Systems

Products:
  • SourceCodester Prison Management System
Versions: 1.0
Operating Systems: Any OS running PHP web applications
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the web interface component; requires PHP environment with web server access.

📦 What is this software?

Prison Management System by Prison Management System Project

View all CVEs affecting Prison Management System →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers create administrative accounts, gaining full control over the prison management system to access sensitive inmate data, modify records, or disrupt operations.

🟠

Likely Case

Attackers create unauthorized user accounts to access confidential information or perform unauthorized actions within the system.

🟢

If Mitigated

With proper network segmentation and access controls, impact is limited to the application layer with no lateral movement.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details are publicly available; requires some authentication but authorization bypass allows privilege escalation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available or implementing workarounds.

🔧 Temporary Workarounds

Access Control Hardening

all

Implement strict authorization checks in /classes/Users.php to validate user permissions before allowing user creation.

Web Application Firewall Rules

all

Deploy WAF rules to block unauthorized requests to /classes/Users.php?f=save endpoint.

🧯 If You Can't Patch

  • Isolate the application behind a reverse proxy with strict authentication requirements
  • Implement network segmentation to limit access to the application from trusted networks only

🔍 How to Verify

Check if Vulnerable:

Test if unauthorized users can access /classes/Users.php?f=save endpoint and create new accounts without proper permissions.

Check Version:

Check application version in admin panel or configuration files; look for version 1.0.

Verify Fix Applied:

Verify that proper authorization checks are implemented and only authorized users can create new accounts.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed authorization attempts followed by successful user creation
  • User creation requests from unexpected IP addresses

Network Indicators:

  • Unusual POST requests to /classes/Users.php?f=save
  • Traffic patterns showing user creation outside normal business hours

SIEM Query:

source="web_logs" AND (url="/classes/Users.php?f=save" AND status=200) AND NOT user_role="admin"

📊 Metadata

CVE ID: CVE-2022-2019
CVSS v3 Score: 7.3 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-285
Published: June 9, 2022
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-2019, you might also want to check these:

CVE-2025-65041 10.0

CVE-2025-65041 is an improper authorization vulnerability in Microsoft Partner Center that allows un...

Same vulnerability type (CWE-285)
CVE-2021-37705 10.0

CVE-2021-37705 is an authorization bypass vulnerability in OneFuzz that allows authenticated users f...

Same vulnerability type (CWE-285)
CVE-2023-33189 10.0

CVE-2023-33189 is an authorization bypass vulnerability in Pomerium identity-aware access proxy. Att...

Same vulnerability type (CWE-285)