Lucene search
IcscertCVELIST:CVE-2022-2254HistoryJul 01, 2022 - 3:01 p.m.
CVE-2022-2254 Distributed Data Systems WebHMI Cross-site Scripting
2022-07-0115:01:57
CWE-79
icscert
www.cve.org
3
cross-site scripting
administrative privileges
distributed data systems webhmi
CVSS3
6.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
22.7%
A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 can store a script that could impact other logged in users.
CNA Affected
[
{
"product": "WebHMI",
"vendor": "Distributed Data Systems",
"versions": [
{
"status": "affected",
"version": "4.1.1.7662"
}
]
}
]Related
cve
cve
CVE-2022-2254
2022-07-01 16:15:08
prion
prion
Code injection
2022-07-01 16:15:00
nvd
nvd
CVE-2022-2254
2022-07-01 16:15:08
ics
ics
Distributed Data Systems WebHMI
2022-06-30 12:00:00
CVSS3
6.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
22.7%
Related for CVELIST:CVE-2022-2254