The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-053-02 | Third Party Advisory US Government Resource |
https://www.cisa.gov/uscert/ics/advisories/icsa-22-053-02 | Third Party Advisory US Government Resource |
Configurations
History
21 Nov 2024, 06:45
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.cisa.gov/uscert/ics/advisories/icsa-22-053-02 - Third Party Advisory, US Government Resource | |
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 7.5 |
Information
Published : 2022-02-25 19:15
Updated : 2024-11-21 06:45
NVD link : CVE-2022-21798
Mitre link : CVE-2022-21798
CVE.ORG link : CVE-2022-21798
JSON object : View
Products Affected
ge
- cimplicity
CWE
CWE-319
Cleartext Transmission of Sensitive Information