CVE-2022-1965

Description

Multiple products of CODESYS implement a improper error handling. A low privilege remote attacker may craft a request, which is not properly processed by the error handling. In consequence, the file referenced by the request could be deleted. User interaction is not required.

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity

LOW

ConfidentialityImpact

NONE

AvailabilityImpact

PARTIAL

IntegrityImpact

PARTIAL

BaseScore

5.5

VectorString

AV:N/AC:L/Au:S/C:N/I:P/A:P

Version

2.0

AccessVector

NETWORK

Authentication

SINGLE