CVE-2022-1989

Medium

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote,…

CERTVDE·CWE-204·Published 2022-08-23

CVSS

5.3

EPSS

0.01

KEV

Exploits

cve.orgen

179 chars

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users.

NVDen

179 chars

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users.

Todas las versiones de CODESYS Visualization anteriores a V4.2.0.0, generan un diálogo de inicio de sesión vulnerable a una exposición de información que permite a un atacante remoto no autenticado enumerar usuarios válidos.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	5.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.1	Primary	NVD	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.1	Primary	cve.org	5.3	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.1	Secondary	NVD	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N