CVE-2022-44719

An issue was discovered in Weblib Ucopia before 6.0.13. The SSH Server has Insecure Permissions.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.synacktiv.com/sites/default/files/2023-06/synacktiv-ucopia-multiple-vulnerabilities-2022.pdf	Exploit Third Party Advisory
https://www.ucopia.com/en/	Product

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:ucopia:wireless_appliance_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:ucopia:wireless_appliance:-:*:*:*:*:*:*:*

History

07 Jul 2023, 18:34

Type	Values Removed	Values Added
First Time		Ucopia Ucopia wireless Appliance Ucopia wireless Appliance Firmware
CPE		cpe:2.3:o:ucopia:wireless_appliance_firmware:::::::: cpe:2.3:h:ucopia:wireless_appliance:-:::::::*
CWE		CWE-732
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
References	~~(MISC) https://www.synacktiv.com/sites/default/files/2023-06/synacktiv-ucopia-multiple-vulnerabilities-2022.pdf -~~	(MISC) https://www.synacktiv.com/sites/default/files/2023-06/synacktiv-ucopia-multiple-vulnerabilities-2022.pdf - Exploit, Third Party Advisory
References	~~(MISC) https://www.ucopia.com/en/ -~~	(MISC) https://www.ucopia.com/en/ - Product

29 Jun 2023, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-06-29 20:15

Updated : 2024-02-28 20:13

NVD link : CVE-2022-44719

Mitre link : CVE-2022-44719

CVE.ORG link : CVE-2022-44719

JSON object : View

Products Affected

ucopia

wireless_appliance
wireless_appliance_firmware

CWE

CWE-732

Incorrect Permission Assignment for Critical Resource

7.5 /10