Vulnerabilities > CVE-2022-41688 - Unspecified vulnerability in Deltaww Infrasuite Device Master 00.00.01A

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
NONE
network
low complexity
deltaww

Summary

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper authentication for functions that create and modify user groups. An attacker could provide malicious serialized objects that could run these functions without authentication to create a new user and add them to the administrator group.

Vulnerable Configurations

Part Description Count
Application
Deltaww
2