Lucene search

[email protected]NVD:CVE-2022-38125

HistoryApr 19, 2023 - 12:15 p.m.

CVE-2022-38125

2023-04-1912:15:07

CWE-923

[email protected]

web.nvd.nist.gov

vulnerability

secomea sitemanager

ftp agent

communication channel restriction

exploiting trust.

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

4.3

Confidence

High

EPSS

Percentile

9.0%

JSON

Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Secomea SiteManager (FTP Agent modules) allows Exploiting Trust in Client.

Affected configurations

Nvd

Node

secomeasitemanager_3549_firmwareRange<10.0.622465022

AND

secomeasitemanager_3549Match-

Node

secomeasitemanager_3539_firmwareRange<10.0.622465022

AND

secomeasitemanager_3539Match-

Node

secomeasitemanager_3529_firmwareRange<10.0.622465022

AND

secomeasitemanager_3529Match-

Node

secomeasitemanager_3349_firmwareRange<10.0.622465022

AND

secomeasitemanager_3349Match-

Node

secomeasitemanager_3339_firmwareRange<10.0.622465022

AND

secomeasitemanager_3339Match-

Node

secomeasitemanager_3329_firmwareRange<10.0.622465022

AND

secomeasitemanager_3329Match-

Node

secomeasitemanager_1549_firmwareRange<10.0.622465022

AND

secomeasitemanager_1549Match-

Node

secomeasitemanager_1539_firmwareRange<10.0.622465022

AND

secomeasitemanager_1539Match-

Node

secomeasitemanager_1529_firmwareRange<10.0.622465022

AND

secomeasitemanager_1529Match-

Node

secomeasitemanager_1149_firmwareRange<10.0.622465022

AND

secomeasitemanager_1149Match-

Node

secomeasitemanager_1139_firmwareRange<10.0.622465022

AND

secomeasitemanager_1139Match-

Node

secomeasitemanager_1129_firmwareRange<10.0.622465022

AND

secomeasitemanager_1129Match-

VendorProductVersionCPE
secomeasitemanager_3549_firmware*cpe:2.3:o:secomea:sitemanager_3549_firmware:*:*:*:*:*:*:*:*
secomeasitemanager_3549-cpe:2.3:h:secomea:sitemanager_3549:-:*:*:*:*:*:*:*
secomeasitemanager_3539_firmware*cpe:2.3:o:secomea:sitemanager_3539_firmware:*:*:*:*:*:*:*:*
secomeasitemanager_3539-cpe:2.3:h:secomea:sitemanager_3539:-:*:*:*:*:*:*:*
secomeasitemanager_3529_firmware*cpe:2.3:o:secomea:sitemanager_3529_firmware:*:*:*:*:*:*:*:*
secomeasitemanager_3529-cpe:2.3:h:secomea:sitemanager_3529:-:*:*:*:*:*:*:*
secomeasitemanager_3349_firmware*cpe:2.3:o:secomea:sitemanager_3349_firmware:*:*:*:*:*:*:*:*
secomeasitemanager_3349-cpe:2.3:h:secomea:sitemanager_3349:-:*:*:*:*:*:*:*
secomeasitemanager_3339_firmware*cpe:2.3:o:secomea:sitemanager_3339_firmware:*:*:*:*:*:*:*:*
secomeasitemanager_3339-cpe:2.3:h:secomea:sitemanager_3339:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
secomea	sitemanager_3549_firmware	*	cpe:2.3:o:secomea:sitemanager_3549_firmware::::::::
secomea	sitemanager_3549	-	cpe:2.3:h:secomea:sitemanager_3549:-:::::::*
secomea	sitemanager_3539_firmware	*	cpe:2.3:o:secomea:sitemanager_3539_firmware::::::::
secomea	sitemanager_3539	-	cpe:2.3:h:secomea:sitemanager_3539:-:::::::*
secomea	sitemanager_3529_firmware	*	cpe:2.3:o:secomea:sitemanager_3529_firmware::::::::
secomea	sitemanager_3529	-	cpe:2.3:h:secomea:sitemanager_3529:-:::::::*
secomea	sitemanager_3349_firmware	*	cpe:2.3:o:secomea:sitemanager_3349_firmware::::::::
secomea	sitemanager_3349	-	cpe:2.3:h:secomea:sitemanager_3349:-:::::::*
secomea	sitemanager_3339_firmware	*	cpe:2.3:o:secomea:sitemanager_3339_firmware::::::::
secomea	sitemanager_3339	-	cpe:2.3:h:secomea:sitemanager_3339:-:::::::*

Rows per page:

1-10 of 241

References

www.secomea.com/support/cybersecurity-advisory/

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

4.3

Confidence

High

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2022-38125

cve1 cvelist1 prion1