Lucene search

[email protected]NVD:CVE-2022-44565

HistoryDec 23, 2022 - 3:15 p.m.

CVE-2022-44565

2022-12-2315:15:15

CWE-284

[email protected]

web.nvd.nist.gov

improper access validation

airmax ac

airfiber

airfiber gbe

uisp device

cve-2022-44565

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.001 Low

EPSS

Percentile

30.5%

JSON

An improper access validation vulnerability exists in airMAX AC <8.7.11, airFiber 60/LR <2.6.2, airFiber 60 XG/HD <v1.0.0 and airFiber GBE <1.4.1 that allows a malicious actor to retrieve status and usage data from the UISP device.

Affected configurations

NVD

Node

uiairfiber_gigabeam_firmwareRange<1.4.1

AND

uiairfiber_gigabeamMatch-

Node

uiairfiber_60-xg_firmwareRange<1.0.0

AND

uiairfiber_60-xgMatch-

Node

uiairfiber_60-hd_firmwareRange<1.0.0

AND

uiairfiber_60-hdMatch-

Node

uiairfiber_60-lr_firmwareRange<2.6.2

AND

uiairfiber_60-lrMatch-

Node

uiairmax_ac_firmwareRange<8.7.11

AND

uiairmax_acMatch-

Node

uiairfiber_60_firmwareRange<2.6.2

AND

uiairfiber_60Match-

References

community.ui.com/releases/Security-Advisory-Bulletin-027-027/123e4577-9f00-4777-abe1-64a1d56fee05

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.001 Low

EPSS

Percentile

30.5%

JSON

Related for NVD:CVE-2022-44565

prion1 cve1 cvelist1