4.3
CVE-2022-22508
- EPSS 0.11%
- Veröffentlicht 15.05.2023 10:15:09
- Zuletzt bearbeitet 21.11.2024 06:46:54
- Quelle info@cert.vde.com
- Teams Watchlist Login
- Unerledigt Login
Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Codesys ≫ Control For Beaglebone Sl Version < 4.7.0.0
Codesys ≫ Control For Empc-a/imx6 Sl Version < 4.7.0.0
Codesys ≫ Control For Iot2000 Sl Version < 4.7.0.0
Codesys ≫ Control For Linux Sl Version < 4.7.0.0
Codesys ≫ Control For Pfc100 Sl Version < 4.7.0.0
Codesys ≫ Control For Pfc200 Sl Version < 4.7.0.0
Codesys ≫ Control For Plcnext Sl Version < 4.7.0.0
Codesys ≫ Control For Raspberry Pi Sl Version < 4.7.0.0
Codesys ≫ Control For Wago Touch Panels 600 Sl Version < 4.7.0.0
Codesys ≫ Control Rte (for Beckhoff Cx) Sl Version < 3.5.18.40
Codesys ≫ Control Rte (sl) Version < 3.5.18.40
Codesys ≫ Control Runtime System Toolkit Version < 3.5.18.40
Codesys ≫ Control Win (sl) Version < 3.5.18.40
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.259 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| info@cert.vde.com | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.