A CWE-352: Cross-Site Request... CVE-2022-22808

6.8 AV AC AU C I A
发布: 2022-02-09
修订: 2024-11-21

A CWE-352: Cross-Site Request Forgery (CSRF) exists that could cause a remote attacker to gain unauthorized access to the product when conducting cross-domain attacks based on same-origin policy or cross-site request forgery protections bypass. Affected Product: EcoStruxure EV Charging Expert (formerly known as EVlink Load Management System): (HMIBSCEA53D1EDB, HMIBSCEA53D1EDS, HMIBSCEA53D1EDM, HMIBSCEA53D1EDL, HMIBSCEA53D1ESS, HMIBSCEA53D1ESM, HMIBSCEA53D1EML) (All Versions prior to SP8 (Version 01) V4.0.0.13)

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有14条受影响产品信息