cbcvebase.
CVE-2022-22508
published 2023-05-15

CVE-2022-22508: Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.

medium4.3CVSS 3.1
AVNACLPRLUINSUCNINAL
Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.

Affected

28 ranges· showing 25
VendorProductVersion rangeFixed in
codesyscontrol_for_beaglebone_sl< 4.7.0.04.7.0.0
codesyscontrol_for_empc-a_imx6_sl< 4.7.0.04.7.0.0
codesyscontrol_for_iot2000_sl< 4.7.0.04.7.0.0
codesyscontrol_for_linux_sl< 4.7.0.04.7.0.0
codesyscontrol_for_pfc100_sl< 4.7.0.04.7.0.0
codesyscontrol_for_pfc200_sl< 4.7.0.04.7.0.0
codesyscontrol_for_plcnext_sl< 4.7.0.04.7.0.0
codesyscontrol_for_raspberry_pi_sl< 4.7.0.04.7.0.0
codesyscontrol_for_wago_touch_panels_600_sl< 4.7.0.04.7.0.0
codesyscontrol_rte< 3.5.18.403.5.18.40
codesyscontrol_rte_sl< 3.5.18.403.5.18.40
codesyscontrol_runtime_system_toolkit< 3.5.18.403.5.18.40
codesyscontrol_win< 3.5.18.403.5.18.40
codesyshmi< 3.5.18.403.5.18.40
codesys_v3codesys_control_for_beaglebone_sl>= V0.0.0.0 < V4.7.0.0V4.7.0.0
codesys_v3codesys_control_for_empc-a_imx6_sl>= V0.0.0.0 < V4.7.0.0V4.7.0.0
codesys_v3codesys_control_for_iot2000_sl>= V0.0.0.0 < V4.7.0.0V4.7.0.0
codesys_v3codesys_control_for_linux_sl>= V0.0.0.0 < V4.7.0.0V4.7.0.0
codesys_v3codesys_control_for_pfc100_sl>= V0.0.0.0 < V4.7.0.0V4.7.0.0
codesys_v3codesys_control_for_pfc200_sl>= V0.0.0.0 < V4.7.0.0V4.7.0.0
codesys_v3codesys_control_for_plcnext_sl>= V0.0.0.0 < V4.7.0.0V4.7.0.0
codesys_v3codesys_control_for_raspberry_pi_sl>= V0.0.0.0 < V4.7.0.0V4.7.0.0
codesys_v3codesys_control_for_wago_touch_panels_600_sl>= V0.0.0.0 < V4.7.0.0V4.7.0.0
codesys_v3codesys_control_rte>= V0.0.0.0 < V3.5.18.40V3.5.18.40
codesys_v3codesys_control_rte_sl>= V0.0.0.0 < V3.5.18.40V3.5.18.40