Lucene search

[email protected]CVE-2022-45546

HistoryFeb 15, 2023 - 9:15 p.m.

CVE-2022-45546

2023-02-1521:15:10

CWE-319

[email protected]

web.nvd.nist.gov

cve-2022-45546

information disclosure

authentication component

screencheck badgemaker

credentials

network sniffing

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.4%

JSON

Information Disclosure in Authentication Component of ScreenCheck BadgeMaker 2.6.2.0 application allows internal attacker to obtain credentials for authentication via network sniffing.

Affected configurations

NVD

Node

screencheckbadgemakerMatch2.6.2.0

CPENameOperatorVersion
screencheck:badgemakerscreencheck badgemakereq2.6.2.0

CPE	Name	Operator	Version
screencheck:badgemaker	screencheck badgemaker	eq	2.6.2.0

References

lgnas.gitbook.io/cve-2022-45546/

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.4%

JSON

Related for CVE-2022-45546

cvelist1 prion1 nvd1