CVE-2022-43485

Summary

Use of Insufficiently Random Values in Honeywell OneWireless. This vulnerability may allow attacker to manipulate claims in client's JWT token. This issue affects OneWireless version 322.1

Affected Software

VendorProductVersion RangeStatus
HoneywellOneWireless322.1affected

Weaknesses

  • CWE-330: CWE-330: Use of Insufficiently Random Values

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References