CVE-2022-27179
Published Apr 20, 2022
Last updated 3 years ago
Overview
- Description
- A malicious actor having access to the exported configuration file may obtain the stored credentials and thereby gain access to the protected resource. If the same passwords were used for other resources, further such assets may be compromised.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
Weaknesses
- ics-cert@hq.dhs.gov
- CWE-522
Social media
- Hype score
- Not currently trending
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:o:redlion:da50n_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A81A3812-8347-40A1-8742-1B5BEF12B894" } ], "operator": "OR" }, { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:h:redlion:da50n:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B58B0481-AE48-4B7A-B57B-4FA6B573C040" } ], "operator": "OR" } ], "operator": "AND" } ]