CVE-2022-22508

CWE-20Improper Input Validation3 documents3 sources
Severity
4.3MEDIUM
EPSS
0.1%
top 65.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
28
Codesys V3 Codesys Control FOR Beaglebone SLCodesys V3 Codesys Control FOR Empc-a/imx6 SLCodesys V3 Codesys Control FOR Iot2000 SL+25 more
Timeline
PublishedMay 15

Description

Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages20 packages

NVDcodesys/control< 4.7.0.0
NVDcodesys/hmi_\(sl\)< 3.5.18.40
CVEListV5codesys_v3/codesys_hmi_(sl)V0.0.0.0V3.5.18.40

🔴Vulnerability Details

2
CVEList
CODESYS V3: Improper Input Validation2023-05-15
GHSA
GHSA-r25h-c4pw-fm98: Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a speci2023-05-15
CVE-2022-22508 (MEDIUM CVSS 4.3) | Improper Input Validation vulnerabi | cvebase.io