CRITICALβœ“ PATCHπŸ‡΅πŸ‡± Wersja polska

CVE-2022-46732

CVSS 9.8v3.1pub. 2023-01-18upd. 2025-01-17

Even if the authentication fails for local service authentication, the requested command could still execute regardless of authentication status.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Ge Proficy Historian

    APP
    Ge
    7.0 – 2023 (bez)
🟒
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2022-38469HIGH7.5ten sam produkt

An unauthorized user with network access and the decryption key could decrypt sensitive data, such as user...

CVE-2022-43494HIGH7.5ten sam produkt

An unauthorized user could be able to read any file on the system, potentially exposing sensitive informatio...

CVE-2022-46331HIGH7.5ten sam produkt

An unauthorized user could possibly delete any file on the system.

CVE-2022-46660HIGH7.5ten sam produkt

An unauthorized user could alter or write files with full control over the path and content of the file. ...

CVE-2023-5908CRITICAL9.1PL βœ“ten sam vendor

Buffer overflow w KEPServerEX umoΕΌliwiajΔ…cy crash lub wyciek danych

CVE-2022-46732 β€” Ge β€” Proficy Historian β€” CRITICAL β€” CVSS 9.8 | CVEbaza.pl