Lucene search
HistoryOct 21, 2022 - 4:15 p.m.
CVE-2022-1059
cve-2022-1059
aethon tug
home base server
unauthenticated access
security vulnerability
hashed user credentials.
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
6.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
41.4%
Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials.
Affected configurations
Node
aethontug_home_base_serverRange<24
| CPE | Name | Operator | Version |
|---|---|---|---|
| aethon:tug_home_base_server | aethon tug home base server | lt | 24 |
CNA Affected
[
{
"vendor": "Aethon",
"product": "TUG Home Base Server",
"versions": [
{
"version": "All versions",
"status": "affected",
"lessThan": "24",
"versionType": "custom"
}
]
}
]Social References
More
Related
cvelist
cvelist
CVE-2022-1059 CROSS-SITE SCRIPTING CWE-79
2022-04-12 00:00:00
nvd
nvd
CVE-2022-1059
2022-10-21 16:15:10
prion
prion
Default credentials
2022-10-21 16:15:00
ics
ics
Aethon TUG Home Base Server
2022-04-12 12:00:00
thn
thn
JekyllBot:5 Flaws Let Attackers Take Control of Aethon TUG Hospital Robots
2022-04-15 11:51:00
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
6.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
41.4%
Related for CVE-2022-1059