CVE-2022-22518 Information

Description

A bug in CmpUserMgr component can lead to only partially applied security policies. This can result in enabled anonymous access to components part of the applied security policy.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Reference

https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17092&token=a556b1695843bb42084dc63d5bdf553ca02ea393&download=

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

6.5