Insecure transmission of credentials
CVE-2022-31805

7.5HIGH

Key Information:

Vendor: Codesys
Status: Codesys Development System; Codesys Gateway Client; Codesys Gateway Server; Codesys Web Server
Vendor: CVE Published:; 24 June 2022

What is CVE-2022-31805?

In the CODESYS Development System multiple components in multiple versions transmit the passwords for the communication between clients and servers unprotected.

Affected Version(s)

CODESYS Development System V2

CODESYS Development System V3

CODESYS Edge Gateway for Windows V3

References

https://customers.codesys.com/index.php?eID=dumpFile&t=f&...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2022
Vulnerability Reserved
May 30, 2022

Codesys

What is CVE-2022-31805?

Affected Version(s)

References

CVSS V3.1

Timeline