Kategori: Güvenlik Açıkları

CVE-2022-32747

A CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate users to be locked out of devices or facilitate backdoor account creation by…

Devamını oku

CVE-2022-32748

A CWE-295: Improper Certificate Validation vulnerability exists that could cause the CAE software to give wrong data to end users when using CAE to configure…

Devamını oku

CVE-2022-32514

A CWE-287: Improper Authentication vulnerability exists that could allow an attacker to gain control of the device when logging into a web page. Affected Products:…

Devamını oku

CVE-2022-32515

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause brute force attacks to take over the admin account when the product…

Devamını oku

CVE-2022-32516

A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists that could cause system’s configurations override and cause a reboot loop when the product suffers from POST-Based…

Devamını oku

CVE-2022-32517

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause an adversary to trick the interface user/admin into interacting with…

Devamını oku

CVE-2022-32518

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious…

Devamını oku

CVE-2022-32519

A CWE-257: Storing Passwords in a Recoverable Format vulnerability exists that could result in unwanted access to a DCE instance when performed over a network…

Devamını oku

CVE-2022-32520

A CWE-522: Insufficiently Protected Credentials vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious…

Devamını oku

CVE-2022-32521

A CWE 502: Deserialization of Untrusted Data vulnerability exists that could allow code to be remotely executed on the server when unsafely deserialized data is…

Devamını oku