1. Home
  2. CVE Database
  3. CVE-2022-25787
HIGH · 7.5

CVE-2022-25787

Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. This issue affects: Secomea GateManager all ...

Vulnerability Description

Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. This issue affects: Secomea GateManager all versions prior to 9.7.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
SecomeaGatemanager 4250 Firmware< 9.7.622134021
SecomeaGatemanager 4250-
SecomeaGatemanager 4260 Firmware< 9.7.622134021
SecomeaGatemanager 4260-
SecomeaGatemanager 8250 Firmware< 9.7.622134021
SecomeaGatemanager 8250-
SecomeaGatemanager 9250 Firmware< 9.7.622134021
SecomeaGatemanager 9250-

Related Weaknesses (CWE)

CWE-598CWE-200

References

FAQ

What is CVE-2022-25787?

CVE-2022-25787 is a vulnerability with a CVSS score of 7.5 (HIGH). Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. This issue affects: Secomea GateManager all ...

How severe is CVE-2022-25787?

CVE-2022-25787 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-25787?

Check the references section above for vendor advisories and patch information. Affected products include: Secomea Gatemanager 4250 Firmware, Secomea Gatemanager 4250, Secomea Gatemanager 4260 Firmware, Secomea Gatemanager 4260, Secomea Gatemanager 8250 Firmware.