Unauthenticated API allowing an attacker to obtain the information about network resources
CVE-2022-4240

6.5MEDIUM

Key Information:

Vendor

Honeywell

Status
Onewireless
Vendor
CVE Published:
30 May 2023

What is CVE-2022-4240?

Missing Authentication for Critical Function vulnerability in Honeywell OneWireless allows Authentication Bypass. This issue affects OneWireless version 322.1

Affected Version(s)

OneWireless 322.1

References

https://process.honeywell.com/

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.