How severe is CVE-2022-30228?

CVE-2022-30228 has a CVSS v3 score of 8.8 (HIGH).

CVE-2022-30228

Name: sicam_gridedge_essential
Author: siemens

8.8HIGH

A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.6.6). The affected software does not apply cross-origin resource sharing (CORS) restrictions for critical operations.

Опубликовано: 6/14/2022Обновлено: 11/12/2025

Описание

A vulnerability has been identified in SICAM GridEdge (Classic) (All versions < V2.6.6). The affected software does not apply cross-origin resource sharing (CORS) restrictions for critical operations. In case an attacker tricks a legitimate user into accessing a special resource a malicious request could be executed.

ИИ-АнализНа базе ИИ

Затронутые продукты

siemenssicam_gridedge_essential

Ссылки

https://cert-portal.siemens.com/productcert/html/ssa-631336.html
https://cert-portal.siemens.com/productcert/pdf/ssa-631336.pdf
PatchVendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-631336.pdf
PatchVendor Advisory