CVE-2022-44565 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
hackerone	CNA	---				---
CVE	ADP	---				---
CISA-ADP	ADP	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 35%

Vendor	Product	Version
ui	airfiber_gigabeam_firmware	𝑥 < 1.4.1
ui	airfiber_60-xg_firmware	𝑥 < 1.0.0
ui	airfiber_60-hd_firmware	𝑥 < 1.0.0
ui	airfiber_60-lr_firmware	𝑥 < 2.6.2
ui	airmax_ac_firmware	𝑥 < 8.7.11
ui	airfiber_60_firmware	𝑥 < 2.6.2

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-284 - Improper Access Control
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References

https://community.ui.com/releases/Security-Advisory-Bulletin-027-027/123e4577-9f00-4777-abe1-64a1d56fee05

https://community.ui.com/releases/Security-Advisory-Bulletin-027-027/123e4577-9f00-4777-abe1-64a1d56fee05