CVE-2022-1525

Summary

The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-602: Client-Side Enforcement of Server-Side Security, which could allow attackers to bypass web access controls by inspecting and modifying the source code of password protected web elements.

Affected Software

VendorProductVersion RangeStatus
Cognex3D-A1000 Dimensioning Systemall <= 1.0.3 (3354)affected

Weaknesses

  • CWE-602: CWE-602 Client-Side Enforcement of Server-Side Security

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References