6.8
CVE-2022-47917
- EPSS 0.68%
- Veröffentlicht 18.01.2023 01:15:13
- Zuletzt bearbeitet 21.11.2024 07:32:31
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
LoginCVE-2022-47917
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to several modules and services of the software. This could allow an attacker to delete arbitrary files and cause a denial-of-service condition.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sewio ≫ Real-time Location System Studio Version >= 2.0.0 <= 2.6.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.68% | 0.476 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 1.2 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
|
| ics-cert@hq.dhs.gov | 6.8 | 2.3 | 4 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01