MEDIUM✓ PATCH🇬🇧 English

CVE-2022-4308

CVSS 6.1v3.1pub. 2023-04-19upd. 2025-02-05

Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows Authentication abuse on SiteManager, if the generated file is leaked.

oryginał EN
CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
  • Secomea Gatemanager

    APP
    Secomea
    < 10.0.622425017
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2021-32008CRITICAL9.9ten sam produkt

This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Improper Limitation of a...

CVE-2022-38123HIGH8.7ten sam produkt

Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server ad...

CVE-2023-0317MEDIUM4.9ten sam produkt

Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to ob...

CVE-2022-2752MEDIUM5.5ten sam produkt

A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous us...

CVE-2022-25786MEDIUM4.9ten sam produkt

Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obt...

CVE-2022-4308 — MEDIUM 6.1 | CVEbaza.pl