CVE-2022-40269

HIGH Year: 2022
CVSS v3 Score
8.1
High
Weakness Type
CWE-290
View all →

Vulnerability Description

Authentication Bypass by Spoofing vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000, Mitsubishi Electric Corporation GOT2000 Series GT25 model versions 01.14.000 to 01.47.000 and Mitsubishi Electric Corporation GT SoftGOT2000 versions 1.265B to 1.285X allows a remote unauthenticated attacker to disclose sensitive information from users' browsers or spoof legitimate users by abusing inappropriate HTML attributes.

Related Vulnerabilities

CVE-2017-16897

HIGH
CVSS:8.1(High)

A vulnerability has been discovered in the Auth0 passport-wsfed-saml2 library affecting versions < 3.0.5. This vulnerability allows an attacker to impersonate another user and potentially elevate thei...

CWE-2902017

CVE-2020-2002

HIGH
CVSS:8.1(High)

An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distri...

CWE-2902020

CVE-2022-0030

HIGH
CVSS:8.1(High)

An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impers...

CWE-2902022

CVE-2022-30319

HIGH
CVSS:8.1(High)

Saia Burgess Controls (SBC) PCD through 2022-05-06 allows Authentication bypass. According to FSCT-2022-0062, there is a Saia Burgess Controls (SBC) PCD S-Bus authentication bypass issue. The affected...

CWE-2902022

CVE-2022-32747

HIGH
CVSS:8.1(High)

A CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate users to be locked out of devices or facilitate backdoor account creation by spoofing a device on the loca...

CWE-2902022