Authentication Bypass by Spoofing vulnerability in Mitsubishi Electric Corporation GOT2000 Series GT27 model versions 01.14.000 to 01.47.000, Mitsubishi Electric Corporation GOT2000 Series GT25 model versions 01.14.000 to 01.47.000 and Mitsubishi Electric Corporation GT SoftGOT2000 versions 1.265B to 1.285X allows a remote unauthenticated attacker to disclose sensitive information from users' browsers or spoof legitimate users by abusing inappropriate HTML attributes.
References
Link | Resource |
---|---|
https://jvn.jp/vu/JVNVU91222434/index.html | Third Party Advisory |
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-021_en.pdf | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Mitsubishi
Published: 2023-02-02T07:17:09.894Z
Updated:
Reserved: 2022-09-08T19:40:16.932Z
Link: CVE-2022-40269
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-02-02T08:15:07.917
Modified: 2023-02-09T21:08:11.267
Link: CVE-2022-40269
JSON object: View
Redhat Information
No data.
CWE