CVE-2022-38466 - AskarLabs CVE Database

CVE-2022-38466

Vendor Siemens

Product CoreShield One-Way Gateway (OWG) Software

Weakness CWE-284

Published September 13, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability has been identified in CoreShield One-Way Gateway (OWG) Software (All versions < V2.2). The default installation sets insecure file permissions that could allow a local attacker to escalate privileges to local administrator.

Key dates

02Disclosure timeline

September 13, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-38466 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/284.html

Related vulnerabilities

04Related CVE

CVE-2022-35843 CVE-2023-32063 OroCRMCallBundle has incorrect call view page visibility CVE-2026-24035 Horilla has Improper Access Control Issue that Allows Unauthorized Document Upload on Behalf of Another Employee CVE-2026-42829 Windows Administrator Protection Secure Feature Bypass Vulnerability CVE-2021-3967 Improper Access Control in zulip/zulip