CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-22523

An improper authentication vulnerability exists in the Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 Web-App which allows an authentication bypass to the context of an unauthorised user if free-access is disabled.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.3%

CVSS Severity

CVSS v3 Score 7.5

References

https://cert.vde.com/en/advisories/VDE-2022-029/
https://cert.vde.com/en/advisories/VDE-2022-029/

Products affected by CVE-2022-22523

Gavazziautomation » Cpy Car Park Server » Version: Any

cpe:2.3:a:gavazziautomation:cpy_car_park_server:*
Gavazziautomation » Uwp 3.0 Monitoring Gateway And Controller » Version: N/A

cpe:2.3:h:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller:-
Gavazziautomation » Uwp 3.0 Monitoring Gateway And Controller Firmware » Version: Any

cpe:2.3:o:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-22523

Products

Pricing

Contact Us