OR
     *cpe:2.3:a:connectwise:connectwise:*:*:*:*:*:*:*:* versions up to (excluding) 22.7

OR
     *cpe:2.3:a:connectwise:screenconnect:*:*:*:*:*:*:*:* versions up to (excluding) 22.7

Israel National Cyber Directorate AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Israel National Cyber Directorate AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

WiseConnect - ScreenConnect Session Code Bypass. An attacker would have to use a proxy to monitor the traffic, and perform a brute force on the session code in order to get in. Sensitive data about the company , get in a session.

ConnectWise ScreenConnect versions 22.6 and below contained a flaw allowing potential brute force attacks on custom access tokens due to inadequate rate-limiting controls in the default configuration. Attackers could exploit this vulnerability to gain unauthorized access by repeatedly attempting access code combinations. ConnectWise has addressed this issue in later versions by implementing rate-limiting controls as a preventive measure against brute force attacks.

Israel National Cyber Directorate AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L

Israel National Cyber Directorate AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

A-No availability impacts identified

AV-Lack of information

I-No integrity impacts identified

PR-No privileges needed

UI-User Interaction not identified

OR
     *cpe:2.3:a:connectwise:connectwise:*:*:*:*:*:*:*:* versions up to (excluding) 22.7

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

NIST CWE-307

https://www.gov.il/en/Departments/faq/cve_advisories No Types Assigned

https://www.gov.il/en/Departments/faq/cve_advisories Third Party Advisory