CVE-2022-29538

RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An unauthenticated user is able to access some critical resources.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
VendorProductVersion
resigemini-net
4.2
𝑥
= Vulnerable software versions
References
https://www.gruppotim.it/it/footer/red-team.html
https://www.resi.it/prodotti-soluzioni-commerciali/gemini-network-service-monitoring
https://www.gruppotim.it/it/footer/red-team.html
https://www.resi.it/prodotti-soluzioni-commerciali/gemini-network-service-monitoring