7.5
CVE-2022-30624
- EPSS 0.29%
- Veröffentlicht 18.07.2022 13:15:10
- Zuletzt bearbeitet 21.11.2024 07:03:03
- Quelle cna@cyber.gov.il
- CVE-Watchlists
- Unerledigt
LoginChcnav - P5E GNSS Authentication bypass admin password reset
Browsing the admin.html page allows the user to reset the admin password. Also appears in the JS code for the password.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Chcnav ≫ P5e Gnss Firmware Version4.1
Chcnav ≫ P5e Gnss Firmware Version4.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.29% | 0.202 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
| cna@cyber.gov.il | 6.8 | 2.5 | 3.7 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
https://www.gov.il/en/Departments/faq/cve_advisories