CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-41688

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper authentication for functions that create and modify user groups. An attacker could provide malicious serialized objects that could run these functions without authentication to create a new user and add them to the administrator group.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.5%

CVSS Severity

CVSS v3 Score 9.8

References

https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-07
https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-07

Products affected by CVE-2022-41688

Deltaww » Infrasuite Device Master » Version: N/A

cpe:2.3:a:deltaww:infrasuite_device_master:-
Deltaww » Infrasuite Device Master » Version: 00.00.01a

cpe:2.3:a:deltaww:infrasuite_device_master:00.00.01a

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-41688

Products

Pricing

Contact Us