Lucene search
TR-CERTCVE-2022-45085HistoryFeb 12, 2023 - 4:15 a.m.
CVE-2022-45085
2023-02-1204:15:16
CWE-918
TR-CERT
web.nvd.nist.gov
28
cve-2022-45085
ssrf
group arge energy
control systems
smartpower web
nvd
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
29.1%
Server-Side Request Forgery (SSRF) vulnerability in Group Arge Energy and Control Systems Smartpower Web allows : Server Side Request Forgery.This issue affects Smartpower Web: before 23.01.01.
Affected configurations
Node
grupargesmartpower_webRange<23.01.01
| Vendor | Product | Version | CPE |
|---|---|---|---|
| gruparge | smartpower_web | * | cpe:2.3:a:gruparge:smartpower_web:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Smartpower Web",
"vendor": "Group Arge Energy and Control Systems",
"versions": [
{
"lessThan": "23.01.01",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]References
Related
prion
prion
Server side request forgery (ssrf)
2023-02-12 04:15:00
cvelist
cvelist
CVE-2022-45085 Server-Side Request Forgery in Smartpower Web
2023-02-08 14:48:27
nvd
nvd
CVE-2022-45085
2023-02-12 04:15:16
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
29.1%
Related for CVE-2022-45085