Lucene search
NCSC.chCVELIST:CVE-2022-4780HistoryDec 28, 2022 - 2:21 p.m.
CVE-2022-4780 hard coded credentials in elvexys ISOS firmwares
2022-12-2814:21:36
NCSC.ch
www.cve.org
4
cve-2022-4780
hardcoded credentials
isos firmwares
streamx installer
CVSS3
4.5
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
AI Score
7.8
Confidence
High
EPSS
0
Percentile
13.0%
ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credentials from embedded StreamX installer that integrators are not forced to change.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "ISOS",
"vendor": "elvexys",
"versions": [
{
"lessThanOrEqual": "2.00",
"status": "affected",
"version": "1.81",
"versionType": "patch"
}
]
}
]Related
cve
cve
CVE-2022-4780
2022-12-29 00:15:09
prion
prion
Hardcoded credentials
2022-12-29 00:15:00
nvd
nvd
CVE-2022-4780
2022-12-29 00:15:09
CVSS3
4.5
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
AI Score
7.8
Confidence
High
EPSS
0
Percentile
13.0%
Related for CVELIST:CVE-2022-4780