Vulnerabilities > CVE-2022-25783 - Unspecified vulnerability in Secomea products

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

secomea

NVD

Published: 2022-05-04

Updated: 2022-05-11

Summary

Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without logging. This issue affects: Secomea GateManager versions prior to 9.7.

Vulnerable Configurations

Part	Description	Count
OS	Secomea Secomea Gatemanager 4250 Firmware - Secomea Gatemanager 4250 Firmware 9.0I Secomea Gatemanager 4260 Firmware - Secomea Gatemanager 4260 Firmware 9.0G Secomea Gatemanager 4260 Firmware 9.0I Secomea Gatemanager 8250 Firmware 9.1B Secomea Gatemanager 8250 Firmware 9.2 Secomea Gatemanager 8250 Firmware 9.2B Secomea Gatemanager 8250 Firmware 9.2C Secomea Gatemanager 8250 Firmware 9.3 Secomea Gatemanager 8250 Firmware 9.3A Secomea Gatemanager 8250 Firmware 9.4 Secomea Gatemanager 8250 Firmware 9.4.621054022 Secomea Gatemanager 9250 Firmware - Secomea Gatemanager 9250 Firmware 9.0G Secomea Gatemanager 9250 Firmware 9.0I	16
Hardware	Secomea Secomea Gatemanager 4250 - Secomea Gatemanager 4260 - Secomea Gatemanager 8250 - Secomea Gatemanager 9250 -	4

References

https://www.secomea.com/support/cybersecurity-advisory/