Vulnerabilities > CVE-2022-1989 - Information Exposure Through Discrepancy vulnerability in Codesys Visualization 4.0.0.0

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

codesys

CWE-203

NVD

Published: 2022-08-23

Updated: 2022-08-26

Summary

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users.

Vulnerable Configurations

Part	Description	Count
Application	Codesys Codesys Visualization 4.0.0.0	1

Common Weakness Enumeration (CWE)

CWE-203 - Information Exposure Through Discrepancy

References

https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=17142&token=a3696ab41fef800d2eaee8043d40d5fbe94277fd&download=