ID
VAR-202212-1030
CVE
CVE-2022-2752
TITLE
Secomea of GateManager Authentication vulnerability in firmware
Trust: 0.8
sources:
JVNDB: JVNDB-2022-022590
DESCRIPTION
A vulnerability in the web server of Secomea GateManager allows a local user to impersonate as the previous user under some failed login conditions. This issue affects: Secomea GateManager versions from 9.4 through 9.7. Secomea of GateManager An authentication vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Trust: 1.71
sources:
NVD: CVE-2022-2752 //
JVNDB: JVNDB-2022-022590 //
VULMON: CVE-2022-2752
AFFECTED PRODUCTS
| vendor: | secomea | model: | gatemanager | scope: | gte | version: | 9.4 | Trust: 1.0 |
| vendor: | secomea | model: | gatemanager | scope: | lte | version: | 9.7 | Trust: 1.0 |
| vendor: | secomea | model: | gatemanager | scope: | eq | version: | gatemanager firmware 9.4 to 9.7 | Trust: 0.8 |
| vendor: | secomea | model: | gatemanager | scope: | - | version: | - | Trust: 0.8 |
| vendor: | secomea | model: | gatemanager | scope: | eq | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-022590 //
NVD: CVE-2022-2752
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
JVNDB: JVNDB-2022-022590 //
CNNVD: CNNVD-202212-2763 //
NVD: CVE-2022-2752 //
NVD: CVE-2022-2752
PROBLEMTYPE DATA
| problemtype: | CWE-287 | Trust: 1.0 |
| problemtype: | Inappropriate authentication (CWE-287) [NVD evaluation ] | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-022590 //
NVD: CVE-2022-2752
THREAT TYPE
local
Trust: 0.6
sources:
CNNVD: CNNVD-202212-2763
TYPE
authorization issue
Trust: 0.6
sources:
CNNVD: CNNVD-202212-2763
PATCH
| title: | Secomea GateManager Remediation measures for authorization problem vulnerabilities | url: | http://123.124.177.30/web/xxk/bdxqById.tag?id=217187 | Trust: 0.6 |
sources:
CNNVD: CNNVD-202212-2763
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-2752 | Trust: 3.3 |
| db: | JVNDB | id: | JVNDB-2022-022590 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202212-2763 | Trust: 0.6 |
| db: | VULMON | id: | CVE-2022-2752 | Trust: 0.1 |
sources:
VULMON: CVE-2022-2752 //
JVNDB: JVNDB-2022-022590 //
CNNVD: CNNVD-202212-2763 //
NVD: CVE-2022-2752
REFERENCES
| url: | https://www.secomea.com/support/cybersecurity-advisory | Trust: 2.5 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-2752 | Trust: 0.8 |
| url: | https://cxsecurity.com/cveshow/cve-2022-2752/ | Trust: 0.6 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
VULMON: CVE-2022-2752 //
JVNDB: JVNDB-2022-022590 //
CNNVD: CNNVD-202212-2763 //
NVD: CVE-2022-2752
SOURCES
| db: | VULMON | id: | CVE-2022-2752 |
| db: | JVNDB | id: | JVNDB-2022-022590 |
| db: | CNNVD | id: | CNNVD-202212-2763 |
| db: | NVD | id: | CVE-2022-2752 |
LAST UPDATE DATE
2024-08-14T15:32:23.143000+00:00
SOURCES UPDATE DATE
| db: | VULMON | id: | CVE-2022-2752 | date: | 2022-12-09T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-022590 | date: | 2023-11-17T08:22:00 |
| db: | CNNVD | id: | CNNVD-202212-2763 | date: | 2022-12-13T00:00:00 |
| db: | NVD | id: | CVE-2022-2752 | date: | 2023-11-07T03:46:52.510 |
SOURCES RELEASE DATE
| db: | VULMON | id: | CVE-2022-2752 | date: | 2022-12-09T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-022590 | date: | 2023-11-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-202212-2763 | date: | 2022-12-09T00:00:00 |
| db: | NVD | id: | CVE-2022-2752 | date: | 2022-12-09T14:15:09.893 |