CVE-2022-22809
published 2022-02-09CVE-2022-22809: A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow modifications of the touch configurations in an unauthorized…
medium5.3CVSS 3.1
AVNACLPRNUINSUCNILAN
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow modifications of the touch configurations in an unauthorized manner when an attacker attempts to modify the touch configurations. Affected Product: spaceLYnk (V2.6.2 and prior), Wiser for KNX (formerly homeLYnk) (V2.6.2 and prior), fellerLYnk (V2.6.2 and prior)
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| schneider-electric | fellerlynk_firmware | <= 2.6.2 | — |
| schneider-electric | spacelynk_firmware | <= 2.6.2 | — |
| schneider-electric | wiser_for_knx_firmware | <= 2.6.2 | — |
| sudo_project | sudo | >= 0 < 1.8.21p2-3ubuntu1.5 | 1.8.21p2-3ubuntu1.5 |
| sudo_project | sudo | >= 0 < 1.8.31-1ubuntu1.4 | 1.8.31-1ubuntu1.4 |
| sudo_project | sudo | >= 0 < 1.9.9-1ubuntu2.2 | 1.9.9-1ubuntu2.2 |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
osv5.5MEDIUM