How severe is CVE-2022-1318?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2022-1318?

This is classified as CWE-326, which is a common weakness in software security.

CVE-2022-1318 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

Hills ComNav version 3002-19 suffers from a weak communication channel. Traffic across the local network for the configuration pages can be viewed by a malicious actor. The size of certain communications packets are predictable. This would allow an attacker to learn the state of the system if they can observe the traffic. This would be possible even if the traffic were encrypted, e.g., using WPA2, as the packet sizes would remain observable. The communication encryption scheme is theoretically sound, but is not strong enough for the level of protection required.

Related Vulnerabilities

CVE-2002-1682

MEDIUM

CVSS:5.5(Medium)

NewsReactor 1.0 uses a weak encryption scheme, which could allow local users to decrypt the passwords and gain access to other users' newsgroup accounts.

CWE-3262002

CVE-2002-1739

MEDIUM

CVSS:5.5(Medium)

Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user passwords, which allows local users to crack passwords.

CWE-3262002

CVE-2002-1946

MEDIUM

CVSS:5.5(Medium)

Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software 1.2.000, when the "Save Password" option is used, stores the password with a weak encryption scheme (one-to-one mapping) in a registry ke...

CWE-3262002

CVE-2002-1975

MEDIUM

CVSS:5.5(Medium)

Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as stored in the Security.conf file, which makes it easier for local users to guess the password via br...

CWE-3262002

CVE-2018-1518

MEDIUM

CVSS:5.5(Medium)

IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. IBM X-Force ID: 141682.

CWE-3262018

CVE-2020-10375

MEDIUM

CVSS:5.5(Medium)

An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords...

CWE-3262020