CVE-2022-21798

The affected product is vulnerable due to cleartext transmission of credentials seen in the CIMPLICITY network, which can be easily spoofed and used to log in to make operational changes to the system.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-053-02 Third Party Advisory US Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-053-02 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

cpe:2.3:a:ge:cimplicity:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:45

Type Values Removed Values Added
References () https://www.cisa.gov/uscert/ics/advisories/icsa-22-053-02 - Third Party Advisory, US Government Resource () https://www.cisa.gov/uscert/ics/advisories/icsa-22-053-02 - Third Party Advisory, US Government Resource
CVSS v2 : 7.5
v3 : 9.8
v2 : 7.5
v3 : 7.5

Information

Published : 2022-02-25 19:15

Updated : 2024-11-21 06:45


NVD link : CVE-2022-21798

Mitre link : CVE-2022-21798

CVE.ORG link : CVE-2022-21798


JSON object : View

Products Affected

ge

  • cimplicity
CWE
CWE-319

Cleartext Transmission of Sensitive Information