CVE-2022-38122

Summary

UPSMON PRO transmits sensitive data in cleartext over HTTP protocol. An unauthenticated remote attacker can exploit this vulnerability to access sensitive data.

Affected Software

VendorProductVersion RangeStatus
POWERCOM CO., LTD.UPSMON PRO2.57affected

Weaknesses

  • CWE-319: CWE-319 Cleartext Transmission of Sensitive Information

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References