Vulnerabilities > CVE-2022-1521 - Missing Authorization vulnerability in Illumina Local RUN Manager 1.3/2.0/3.1

047910
CVSS 9.1 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
illumina
CWE-862
critical
NVD
Published: 2022-06-24
Updated: 2023-11-07

Summary

LRM does not implement authentication or authorization by default. A malicious actor can inject, replay, modify, and/or intercept sensitive data.

Vulnerable Configurations

Part Description Count
Application
Illumina
3
Hardware
Illumina
7

Common Weakness Enumeration (CWE)

References