Lucene search

[email protected]CVE-2022-42710

HistoryJan 03, 2023 - 11:15 p.m.

CVE-2022-42710

2023-01-0323:15:10

CWE-79

[email protected]

web.nvd.nist.gov

nice

linear

emerge

e3-series

devices

vulnerability

stored xss

cve-2022-42710

nvd

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.001 Low

EPSS

Percentile

23.5%

JSON

Nice (formerly Nortek) Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e devices are vulnerable to Stored Cross-Site Scripting (XSS).

Affected configurations

NVD

Node

niceforyoulinear_emerge_e3_access_controlMatch-

AND

niceforyoulinear_emerge_e3_access_control_firmwareMatch0.32-07e

niceforyoulinear_emerge_e3_access_control_firmwareMatch0.32-07p

niceforyoulinear_emerge_e3_access_control_firmwareMatch0.32-08e

niceforyoulinear_emerge_e3_access_control_firmwareMatch0.32-08f

niceforyoulinear_emerge_e3_access_control_firmwareMatch0.32-09a

niceforyoulinear_emerge_e3_access_control_firmwareMatch0.32-09c

CPENameOperatorVersion
niceforyou:linear_emerge_e3_access_control_firmwareniceforyou linear emerge e3 access control firmwareeq0.32-07e
niceforyou:linear_emerge_e3_access_control_firmwareniceforyou linear emerge e3 access control firmwareeq0.32-07p
niceforyou:linear_emerge_e3_access_control_firmwareniceforyou linear emerge e3 access control firmwareeq0.32-08e
niceforyou:linear_emerge_e3_access_control_firmwareniceforyou linear emerge e3 access control firmwareeq0.32-08f
niceforyou:linear_emerge_e3_access_control_firmwareniceforyou linear emerge e3 access control firmwareeq0.32-09a
niceforyou:linear_emerge_e3_access_control_firmwareniceforyou linear emerge e3 access control firmwareeq0.32-09c

CPE	Name	Operator	Version
niceforyou:linear_emerge_e3_access_control_firmware	niceforyou linear emerge e3 access control firmware	eq	0.32-07e
niceforyou:linear_emerge_e3_access_control_firmware	niceforyou linear emerge e3 access control firmware	eq	0.32-07p
niceforyou:linear_emerge_e3_access_control_firmware	niceforyou linear emerge e3 access control firmware	eq	0.32-08e
niceforyou:linear_emerge_e3_access_control_firmware	niceforyou linear emerge e3 access control firmware	eq	0.32-08f
niceforyou:linear_emerge_e3_access_control_firmware	niceforyou linear emerge e3 access control firmware	eq	0.32-09a
niceforyou:linear_emerge_e3_access_control_firmware	niceforyou linear emerge e3 access control firmware	eq	0.32-09c

References

github.com/omarhashem123/Security-Research/blob/main/CVE-2022-42710/CVE-2022-42710.txt