Lucene search

MitreCVE-2022-35136

HistoryOct 13, 2022 - 11:15 p.m.

CVE-2022-35136

2022-10-1323:15:10

CWE-306

mitre

web.nvd.nist.gov

boodskap iot platform

cve-2022-35136

unauthenticated api

nvd

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

24.8%

JSON

Boodskap IoT Platform v4.4.9-02 allows attackers to make unauthenticated API requests.

Affected configurations

Nvd

Node

boodskapiot_platformMatch4.4.9-02

VendorProductVersionCPE
boodskapiot_platform4.4.9-02cpe:2.3:a:boodskap:iot_platform:4.4.9-02:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
boodskap	iot_platform	4.4.9-02	cpe:2.3:a:boodskap:iot_platform:4.4.9-02:::::::*

References

securityblog101.blogspot.com/2022/10/cve-id-cve-2022-35135-cve-2022-35136.html

Social References

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

24.8%

JSON

Related for CVE-2022-35136