Lucene search

[email protected]NVD:CVE-2022-2634

HistoryAug 10, 2022 - 8:15 p.m.

CVE-2022-2634

2022-08-1020:15:36

CWE-250

[email protected]

web.nvd.nist.gov

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

57.0%

JSON

An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which can be later executed.

Affected configurations

NVD

Node

digiconnectport_x2d_firmwareRange<2020-01-01

AND

digiconnectport_x2dMatch-

References

www.cisa.gov/uscert/ics/advisories/icsa-22-216-01

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

57.0%

JSON

Related for NVD:CVE-2022-2634

ics1 prion1 cve1 cvelist1