Vulnerability Description
The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-117: Improper Output Neutralization for Logs, which allows an attacker to create false logs that show the password as having been changed when it is not, complicating forensics.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cognex | 3D-A1000 Dimensioning System Firmware | <= 1.0.3\(3354\) |
| Cognex | 3D-A1000 Dimensioning System | - |
Related Weaknesses (CWE)
References
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-249-03Third Party AdvisoryUS Government Resource
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-249-03Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2022-1522?
CVE-2022-1522 is a vulnerability with a CVSS score of 5.3 (MEDIUM). The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-117: Improper Output Neutralization for Logs, which allows an attacker to create false logs that...
How severe is CVE-2022-1522?
CVE-2022-1522 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-1522?
Check the references section above for vendor advisories and patch information. Affected products include: Cognex 3D-A1000 Dimensioning System Firmware, Cognex 3D-A1000 Dimensioning System.