CVE-2022-32516

Summary

A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists that could cause system’s configurations override and cause a reboot loop when the product suffers from POST-Based Cross-Site Request Forgery (CSRF). Affected Products: Conext™ ComBox (All Versions)

Affected Software

VendorProductVersion RangeStatus
Schneider ElectricConext™ ComBoxAll Versionsaffected

Weaknesses

  • CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References