CVE-2022-38124

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2022-38124
Debug tool in Secomea SiteManager allows logged-in administrator to modify system state in an unintended manner.

6.5 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.secomea.com/support/cybersecurity-advisory/ Vendor Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:secomea:sitemanager_1129_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_1129:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:secomea:sitemanager_3329_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3329:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:secomea:sitemanager_1529_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_1529:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:secomea:sitemanager_3529_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3529:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:secomea:sitemanager_1139_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_1139:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:secomea:sitemanager_3339_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3339:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:secomea:sitemanager_1539_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_1539:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:secomea:sitemanager_3539_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3539:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:secomea:sitemanager_1149_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_1149:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:secomea:sitemanager_3349_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3349:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:secomea:sitemanager_1549_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_1549:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:secomea:sitemanager_3549_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:secomea:sitemanager_3549:-:*:*:*:*:*:*:*
Information

Published : 2022-12-13 06:15

Updated : 2022-12-15 21:02

NVD link : CVE-2022-38124

Mitre link : CVE-2022-38124

JSON object : View

CWE
CWE-269

Improper Privilege Management

Advertisement

dedicated server usa
Products Affected

secomea

  • sitemanager_1529
  • sitemanager_1139
  • sitemanager_1549_firmware
  • sitemanager_1149
  • sitemanager_3339
  • sitemanager_1539
  • sitemanager_3529_firmware
  • sitemanager_1129_firmware
  • sitemanager_3549
  • sitemanager_3349_firmware
  • sitemanager_1549
  • sitemanager_3329
  • sitemanager_1529_firmware
  • sitemanager_1139_firmware
  • sitemanager_3549_firmware
  • sitemanager_3329_firmware
  • sitemanager_1129
  • sitemanager_3529
  • sitemanager_1539_firmware
  • sitemanager_3539_firmware
  • sitemanager_3339_firmware
  • sitemanager_3539
  • sitemanager_3349
  • sitemanager_1149_firmware