Lucene search

[email protected]NVD:CVE-2022-4240

HistoryMay 30, 2023 - 5:15 p.m.

CVE-2022-4240

2023-05-3017:15:09

CWE-306

[email protected]

web.nvd.nist.gov

honeywell

onewireless

authentication bypass

vulnerability

version 322.1

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

Confidence

High

EPSS

0.002

Percentile

51.4%

JSON

Missing Authentication for Critical Function vulnerability in Honeywell OneWireless allows Authentication Bypass. This issue affects OneWireless version 322.1

Affected configurations

Nvd

Node

honeywellonewireless_network_wireless_device_managerMatch-

AND

honeywellonewireless_network_wireless_device_manager_firmwareRange<r322.2

VendorProductVersionCPE
honeywellonewireless_network_wireless_device_manager-cpe:2.3:h:honeywell:onewireless_network_wireless_device_manager:-:*:*:*:*:*:*:*
honeywellonewireless_network_wireless_device_manager_firmware*cpe:2.3:o:honeywell:onewireless_network_wireless_device_manager_firmware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
honeywell	onewireless_network_wireless_device_manager	-	cpe:2.3:h:honeywell:onewireless_network_wireless_device_manager:-:::::::*
honeywell	onewireless_network_wireless_device_manager_firmware	*	cpe:2.3:o:honeywell:onewireless_network_wireless_device_manager_firmware::::::::

References

process.honeywell.com/

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

Confidence

High

EPSS

0.002

Percentile

51.4%

JSON

Related for NVD:CVE-2022-4240

prion1 cvelist1 cve1 ics1