CVE-2022-1965
Description
Multiple products of CODESYS implement a improper error handling. A low privilege remote attacker may craft a request, which is not properly processed by the error handling. In consequence, the file referenced by the request could be deleted. User interaction is not required.
References
MitigationVendor Advisory
CvssV3 impact
Could not find any metrics
CvssV2 impact
AccessComplexity | LOW |
ConfidentialityImpact | NONE |
AvailabilityImpact | PARTIAL |
IntegrityImpact | PARTIAL |
BaseScore | 5.5 |
VectorString | AV:N/AC:L/Au:S/C:N/I:P/A:P |
Version | 2.0 |
AccessVector | NETWORK |
Authentication | SINGLE |