HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2022-38123

CVSS 8.7v3.1pub. 2022-12-06upd. 2024-11-21

Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface. This issue affects: Secomea GateManager versions prior to 10.0.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:H
  • Secomea Gatemanager

    APP
    Secomea
    < 10.0.622395010
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2021-32008CRITICAL9.9ten sam produkt

This issue affects: Secomea GateManager Version 9.6.621421014 and all prior versions. Improper Limitation of a...

CVE-2023-0317MEDIUM4.9ten sam produkt

Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to ob...

CVE-2022-4308MEDIUM6.1ten sam produkt

Plaintext Storage of a Password vulnerability in Secomea GateManager (USB wizard) allows Authentication abuse ...

CVE-2022-2752MEDIUM5.5ten sam produkt

A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous us...

CVE-2022-25786MEDIUM4.9ten sam produkt

Unprotected Alternate Channel vulnerability in debug console of GateManager allows system administrator to obt...