CVE-2022-22813 Vulnerability Details

  /     /     /  

CVE-2022-22813 Metadata Quick Info

CVE Published: 09/02/2022 | CVE Updated: 03/08/2024 | CVE Year: 2022
Source: schneider | Vendor: n/a | Product: Easergy P40 Series model numbers with Ethernet option bit as Q, R, S (All PX4X firmware Versions)
Status : PUBLISHED

---

CVE-2022-22813 Description

A CWE-798: Use of Hard-coded Credentials vulnerability exists. If an attacker were to obtain the TLS cryptographic key and take active control of the Courier tunneling communication network, they could potentially observe and manipulate traffic associated with product configuration.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-798
CWE Name: CWE-798: Use of Hard-coded Credentials
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).