← Voltar para CVEs
CVE-2022-45137
MEDIUM6.1
Descricao
The configuration backend of the web-based management is vulnerable to reflected XSS (Cross-Site Scripting) attacks that targets the users browser. This leads to a limited impact of confidentiality and integrity but no impact of availability.
Detalhes CVE
Pontuacao CVSS v3.16.1
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosNONE
Interacao do usuarioREQUIRED
Publicado2/27/2023
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
wago:751-9301wago:751-9301_firmwarewago:752-8303\/8000-002wago:752-8303\/8000-002_firmwarewago:pfc100wago:pfc100_firmwarewago:pfc200wago:pfc200_firmwarewago:touch_panel_600_advancedwago:touch_panel_600_advanced_firmwarewago:touch_panel_600_marinewago:touch_panel_600_marine_firmwarewago:touch_panel_600_standardwago:touch_panel_600_standard_firmware
Fraquezas (CWE)
CWE-79
Referencias
https://cert.vde.com/en/advisories/VDE-2022-060/(info@cert.vde.com)
https://cert.vde.com/en/advisories/VDE-2022-060/(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.