CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-21196

MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not perform proper authorization and authentication checks on multiple API routes. An attacker may gain access to these API routes and achieve remote code execution, create a denial-of-service condition, and obtain sensitive information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.5%

CVSS Severity

CVSS v3 Score 10.0

CVSS v2 Score 10.0

References

Products affected by CVE-2022-21196

Airspan » Mimosa Management Platform » Version: Any

cpe:2.3:a:airspan:mimosa_management_platform:*
Airspan » A5x » Version: N/A

cpe:2.3:h:airspan:a5x:-
Airspan » C5c » Version: N/A

cpe:2.3:h:airspan:c5c:-
Airspan » C5x » Version: N/A

cpe:2.3:h:airspan:c5x:-
Airspan » C6x » Version: N/A

cpe:2.3:h:airspan:c6x:-
Airspan » A5x Firmware » Version: Any

cpe:2.3:o:airspan:a5x_firmware:*
Airspan » C5c Firmware » Version: Any

cpe:2.3:o:airspan:c5c_firmware:*
Airspan » C5x Firmware » Version: Any

cpe:2.3:o:airspan:c5x_firmware:*
Airspan » C6x Firmware » Version: Any

cpe:2.3:o:airspan:c6x_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-21196

Products

Pricing

Contact Us