exploitDog

CVE-2022-4779

Опубликовано: 29 дек. 2022

Источник: nvd

CVSS3: 7.5

CVSS3: 9.8

EPSS Низкий

Описание

StreamX applications from versions 6.02.01 to 6.04.34 are affected by a logic bug that allows to bypass the implemented authentication scheme. StreamX applications using StreamView HTML component with the public web server feature activated are affected.

Ссылки

https://elvexys.com/products/xpg-gateway-rtu-protocol-converter/streamx-release-notes/
Release Notes
Vendor Advisory
https://elvexys.com/products/xpg-gateway-rtu-protocol-converter/streamx-release-notes/
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:elvexys:streamx:*:*:*:*:*:*:*:*

Версия от 6.02.01 (включая) до 6.04.34 (включая)

EPSS

Процентиль: 59%

0.00381

Низкий

7.5 High

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-22

CWE-22

Связанные уязвимости

GHSA-w8f5-jp95-mq35

CVSS3: 9.8

github

около 3 лет назад

StreamX applications from versions 6.02.01 to 6.04.34 are affected by a logic bug that allows to bypass the implemented authentication scheme. StreamX applications using StreamView HTML component with the public web server feature activated are affected.

EPSS

Процентиль: 59%

0.00381

Низкий

7.5 High

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-22

CWE-22