CVE-2022-25780

Information Exposure vulnerability in web UI of Secomea GateManager allows logged in user to query devices outside own scope.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
SecomeaCNA
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
Affected Products (NVD)
VendorProductVersion
secomeagatemanager_4250_firmware
𝑥
< 9.7.622134021
secomeagatemanager_4260_firmware
𝑥
< 9.7.622134021
secomeagatemanager_8250_firmware
𝑥
< 9.7.622134021
secomeagatemanager_9250_firmware
𝑥
< 9.7.622134021
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
secomeagatemanager
𝑥
< 9.7
CNA
Common Weakness Enumeration
References
https://www.secomea.com/support/cybersecurity-advisory/
https://www.secomea.com/support/cybersecurity-advisory/