CVE Vulnerabilities

CVE-2022-38124

Privilege Defined With Unsafe Actions

Published: Dec 13, 2022 | Modified: Nov 21, 2024
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner.

Weakness

A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.

Affected Software

Name Vendor Start Version End Version
Sitemanager_1129_firmware Secomea * 10.0.622425017 (excluding)

Potential Mitigations

References