CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-45938

An issue was discovered in Comcast Defined Technologies microeisbss through 2021. An attacker can inject a stored XSS payload in the Device ID field under Inventory Management to achieve Remote Code Execution and privilege escalation..

Exploit prediction scoring system (EPSS) score

EPSS Score 0.195

EPSS Ranking 95.1%

CVSS Severity

CVSS v3 Score 9.0

References

https://my.xfinity.com/vulnerabilityreport
https://pensecure.medium.com/cve-2022-45938-f4c0d441da6f
https://my.xfinity.com/vulnerabilityreport
https://pensecure.medium.com/cve-2022-45938-f4c0d441da6f

Products affected by CVE-2022-45938

Xfinity » Comcast Defined Technologies Microeisbss » Version: N/A

cpe:2.3:a:xfinity:comcast_defined_technologies_microeisbss:-
Xfinity » Comcast Defined Technologies Microeisbss » Version: 2021

cpe:2.3:a:xfinity:comcast_defined_technologies_microeisbss:2021

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-45938

Products

Pricing

Contact Us