CVE-2022-1300

CRITICAL

9.8

Descricao

Multiple Version of TRUMPF TruTops products expose a service function without necessary authentication. Execution of this function may result in unauthorized access to change of data or disruption of the whole service.

Detalhes CVE

Pontuacao CVSS v3.19.8

SeveridadeCRITICAL

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosNONE

Interacao do usuarioNONE

Publicado5/2/2022

Ultima modificacao11/21/2024

Fontenvd

Avistamentos honeypot0

Produtos afetados

trumpf:trutops_boosttrumpf:trutops_fabtrumpf:trutops_monitor

Fraquezas (CWE)

CWE-306

Referencias

https://cert.vde.com/en/advisories/VDE-2022-016/(info@cert.vde.com)

https://cert.vde.com/en/advisories/VDE-2022-016/(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.