CVE-2022-45963
CRITICAL WAF: Low
CVSS 9.8
Published: 2022-12-27
CWE-269
h3c firewall <= 3.10 ESS6703 has a privilege bypass vulnerability.
WAF Coverage Analysis
Improper Privilege Management
Low WAF Coverage
OWASP: A01:2021 Broken Access Control
Affected Software
| Vendor | Product | Version |
|---|---|---|
| h3c | secpath_f5030_firmware | up to 3.10_ess6703 |
| h3c | secpath_f5060_firmware | up to 3.10_ess6703 |
| h3c | secpath_f5080_firmware | up to 3.10_ess6703 |
| h3c | secpath_f5030-d_firmware | up to 3.10_ess6703 |
| h3c | secpath_f5060-d_firmware | up to 3.10_ess6703 |
| h3c | secpath_f5080-d_firmware | up to 3.10_ess6703 |
| h3c | secpath_f500-6gw_firmware | up to 3.10_ess6703 |
| h3c | secpath_f5010_firmware | up to 3.10_ess6703 |
| h3c | secpath_f5020_firmware | up to 3.10_ess6703 |
| h3c | secpath_f5040_firmware | up to 3.10_ess6703 |
References
- gist.github.com (Third Party Advisory)