CVE-2022-32387: 
Kentico Xperience vulnerability analysis and mitigation

CVE-2022-32387 is a vulnerability discovered in Kentico versions before 13.0.66. The vulnerability was disclosed on July 18, 2022, affecting the GetResource handler functionality in Kentico's content management system. This security issue allows attackers to achieve Denial of Service through crafted requests (NVD, CVE).

The vulnerability has been assigned a CVSS v3.1 Base Score of 7.5 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. This scoring indicates that the vulnerability can be exploited over the network with low attack complexity, requires no privileges or user interaction, and can result in high availability impact while not affecting confidentiality or integrity (NVD).

The primary impact of this vulnerability is on system availability. When successfully exploited, attackers can cause a Denial of Service condition through specially crafted requests to the GetResource handler, potentially making the system unavailable to legitimate users (NVD).

The primary mitigation for this vulnerability is to upgrade Kentico installations to version 13.0.66 or later. The vendor has released patches to address this security issue (Kentico Hotfixes).