7.9
CVE-2022-29519
- EPSS 0.15%
- Veröffentlicht 28.06.2022 13:15:12
- Zuletzt bearbeitet 21.11.2024 06:59:14
- Quelle vultures@jpcert.or.jp
- Teams Watchlist Login
- Unerledigt Login
Cleartext transmission of sensitive information vulnerability exists in STARDOM FCN Controller and FCJ Controller R1.01 to R4.31, which may allow an adjacent attacker to login the affected products and alter device configuration settings or tamper with device firmware.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Yokogawa ≫ Stardom Fcj Firmware Version >= r1.01 <= r4.31
Yokogawa ≫ Stardom Fcn Firmware Version >= r1.01 <= r4.31
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.366 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 1.6 | 5.9 |
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.9 | 5.5 | 10 |
AV:A/AC:M/Au:N/C:C/I:C/A:C
|
CWE-319 Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.