Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-23127
HistoryJan 21, 2022 - 7:15 p.m.

Cross site scripting

2022-01-2119:15:00
PRIOn knowledge base
www.prio-n.com
4

7.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.5%

JSON

Cross-site Scripting vulnerability in Mitsubishi Electric MC Works64 versions 4.04E (10.95.210.01) and prior and ICONICS MobileHMI versions 10.96.2 and prior allows a remote unauthenticated attacker to gain authentication information of an MC Works64 or MobileHMI and perform any operation using the acquired authentication information, by injecting a malicious script in the URL of a monitoring screen delivered from the MC Works64 server or MobileHMI server to an application for mobile devices and leading a legitimate user to access this URL.

CPENameOperatorVersion
mobilehmile10.96.2
mc_works64lt10.95.210.01

Related

nvd 1
cnvd 1
cve 1
cvelist 1
ics 1
nvd
nvd
CVE-2022-23127
2022-01-21 19:15:09
cnvd
cnvd
Mitsubishi Electric MC Works64 Cross-Site Scripting Vulnerability
2022-01-23 00:00:00
cve
cve
CVE-2022-23127
2022-01-21 19:15:09
cvelist
cvelist
CVE-2022-23127
2022-01-21 18:17:32
ics
ics
ICONICS and Mitsubishi Electric HMI SCADA
2022-01-20 12:00:00

7.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.5%

JSON
Related for PRION:CVE-2022-23127
nvd1cnvd1cve1cvelist1ics1