CVE-2022-1059

Summary

Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials.

Affected Software

VendorProductVersion RangeStatus
AethonTUG Home Base ServerAll versions < 24affected

Weaknesses

  • The “Load” tab of the Fleet Management Console is vulnerable to reflected cross-site scripting attacks.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References