Vulnerability Details CVE-2022-2485
Any attempt (good or bad) to log into AutomationDirect Stride Field I/O with a web browser may result in the device responding with its password in the communication packets.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.2%
CVSS Severity
CVSS v3 Score 9.6
References
Products affected by CVE-2022-2485
-
cpe:2.3:h:automationdirect:sio-mb04ads:-
-
cpe:2.3:h:automationdirect:sio-mb04das:-
-
cpe:2.3:h:automationdirect:sio-mb04rtds:-
-
cpe:2.3:h:automationdirect:sio-mb04thms:-
-
cpe:2.3:h:automationdirect:sio-mb08ads-1:-
-
cpe:2.3:h:automationdirect:sio-mb08ads-2:-
-
cpe:2.3:h:automationdirect:sio-mb08thms:-
-
cpe:2.3:h:automationdirect:sio-mb12cdr:-
-
cpe:2.3:h:automationdirect:sio-mb16cdd2:-
-
cpe:2.3:h:automationdirect:sio-mb16nd3:-
-
cpe:2.3:o:automationdirect:sio-mb04ads_firmware:-
-
cpe:2.3:o:automationdirect:sio-mb04das_firmware:-
-
cpe:2.3:o:automationdirect:sio-mb04rtds_firmware:-
-
cpe:2.3:o:automationdirect:sio-mb04thms_firmware:-
-
cpe:2.3:o:automationdirect:sio-mb08ads-1_firmware:-
-
cpe:2.3:o:automationdirect:sio-mb08ads-2_firmware:-
-
cpe:2.3:o:automationdirect:sio-mb08thms_firmware:-
-
cpe:2.3:o:automationdirect:sio-mb12cdr_firmware:-
-
cpe:2.3:o:automationdirect:sio-mb16cdd2_firmware:-
-
cpe:2.3:o:automationdirect:sio-mb16nd3_firmware:-