CRITICAL✓ PATCH🇬🇧 English

CVE-2022-46732

CVSS 9.8v3.1pub. 2023-01-18upd. 2025-01-17

Even if the authentication fails for local service authentication, the requested command could still execute regardless of authentication status.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Ge Proficy Historian

    APP
    Ge
    7.0 – 2023 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2022-38469HIGH7.5ten sam produkt

An unauthorized user with network access and the decryption key could decrypt sensitive data, such as user...

CVE-2022-43494HIGH7.5ten sam produkt

An unauthorized user could be able to read any file on the system, potentially exposing sensitive informatio...

CVE-2022-46331HIGH7.5ten sam produkt

An unauthorized user could possibly delete any file on the system.

CVE-2022-46660HIGH7.5ten sam produkt

An unauthorized user could alter or write files with full control over the path and content of the file. ...

CVE-2023-5908CRITICAL9.1PL ✓ten sam vendor

Buffer overflow w KEPServerEX umożliwiający crash lub wyciek danych