Vulnerability Details CVE-2022-43326
An Insecure Direct Object Reference (IDOR) vulnerability in the password reset function of Telos Alliance Omnia MPX Node 1.0.0-1.4.[*] allows attackers to arbitrarily change user and Administrator account passwords.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.2%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-43326
-
cpe:2.3:h:telosalliance:omnia_mpx_node:-
-
cpe:2.3:o:telosalliance:omnia_mpx_node_firmware:1.0.0
-
cpe:2.3:o:telosalliance:omnia_mpx_node_firmware:1.1.5
-
cpe:2.3:o:telosalliance:omnia_mpx_node_firmware:1.3.35
-
cpe:2.3:o:telosalliance:omnia_mpx_node_firmware:1.3.37
-
cpe:2.3:o:telosalliance:omnia_mpx_node_firmware:1.4.9