Vulnerability Description
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not properly sanitize user input, which may allow an attacker to perform a SQL injection and obtain sensitive information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Airspan | Mimosa Management Platform | < 1.0.3 |
| Airspan | C6X Firmware | < 2.8.6.1 |
| Airspan | C6X | - |
| Airspan | C5X Firmware | < 2.8.6.1 |
| Airspan | C5X | - |
| Airspan | C5C Firmware | < 2.8.6.1 |
| Airspan | C5C | - |
| Airspan | A5X Firmware | < 2.5.4.1 |
| Airspan | A5X | - |
Related Weaknesses (CWE)
References
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-034-02Third Party AdvisoryUS Government Resource
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-034-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2022-21176?
CVE-2022-21176 is a vulnerability with a CVSS score of 8.6 (HIGH). MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not properly sanitize user input, which may allow ...
How severe is CVE-2022-21176?
CVE-2022-21176 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-21176?
Check the references section above for vendor advisories and patch information. Affected products include: Airspan Mimosa Management Platform, Airspan C6X Firmware, Airspan C6X, Airspan C5X Firmware, Airspan C5X.