CVE-2022-30228

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6), SICAM GridEdge Essential Intel (All versions < V2.6.6), SICAM GridEdge Essential with GDS ARM (All versions < V2.6.6), SICAM GridEdge Essential with GDS Intel (All versions < V2.6.6). The affected software does not apply cross-origin resource sharing (CORS) restrictions for critical operations. In case an attacker tricks a legitimate user into accessing a special resource a malicious request could be executed.
References
Configurations

Configuration 1

cpe:2.3:a:siemens:sicam_gridedge_essential:*:*:*:*:intel:*:*:*
cpe:2.3:a:siemens:sicam_gridedge_essential:*:*:*:*:arm:*:*:*
cpe:2.3:a:siemens:sicam_gridedge_essential:*:*:*:*:gds_intel:*:*:*
cpe:2.3:a:siemens:sicam_gridedge_essential:*:*:*:*:gds_arm:*:*:*

Information

Published : 2022-06-14 10:15

Updated : 2022-06-24 03:22


NVD link : CVE-2022-30228

Mitre link : CVE-2022-30228

Products Affected
No products.
CWE