exploitDog

CVE-2022-38466

Опубликовано: 13 сент. 2022

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

A vulnerability has been identified in CoreShield One-Way Gateway (OWG) Software (All versions < V2.2). The default installation sets insecure file permissions that could allow a local attacker to escalate privileges to local administrator.

Ссылки

https://cert-portal.siemens.com/productcert/pdf/ssa-589975.pdf
Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-589975.pdf
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:siemens:coreshield_one-way_gateway:*:*:*:*:*:*:*:*

Версия до 2.2 (исключая)

EPSS

Процентиль: 8%

0.00031

Низкий

7.8 High

CVSS3

Дефекты

CWE-284

CWE-276

Связанные уязвимости

GHSA-cgp2-rccm-9rjc

CVSS3: 7.8

github

больше 3 лет назад

A vulnerability has been identified in CoreShield One-Way Gateway (OWG) Software (All versions < V2.2). The default installation sets insecure file permissions that could allow a local attacker to escalate privileges to local administrator.

EPSS

Процентиль: 8%

0.00031

Низкий

7.8 High

CVSS3

Дефекты

CWE-284

CWE-276