Lucene search

[email protected]NVD:CVE-2022-45766

HistoryFeb 10, 2023 - 7:15 p.m.

CVE-2022-45766

2023-02-1019:15:12

CWE-798

[email protected]

web.nvd.nist.gov

cve-2022-45766

global facilities management software

key systems management

remote attackers

availability

confidentiality

accessibility

dependability

electronic key boxes

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

AI Score

9.3

Confidence

High

EPSS

0.003

Percentile

71.4%

JSON

Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes.

Affected configurations

Nvd

Node

keystorageglobal_facilities_management_softwareMatch3.0

VendorProductVersionCPE
keystorageglobal_facilities_management_software3.0cpe:2.3:a:keystorage:global_facilities_management_software:3.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
keystorage	global_facilities_management_software	3.0	cpe:2.3:a:keystorage:global_facilities_management_software:3.0:::::::*

References

www.girlslearncyber.com/post/the-key-to-keeping-keys-safe

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

AI Score

9.3

Confidence

High

EPSS

0.003

Percentile

71.4%

JSON

Related for NVD:CVE-2022-45766

cve1 cvelist1 prion1