PT-2022-15692 · Spacelynk+1 · Spacelynk+2
Published
2022-02-09
·
Updated
2022-02-16
·
CVE-2022-22810
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
spaceLYnk versions 2.6.2 and prior
Wiser for KNX (formerly homeLYnk) versions 2.6.2 and prior
fellerLYnk versions 2.6.2 and prior
Description
A vulnerability exists that could allow an attacker to manipulate the admin after numerous attempts at guessing credentials, due to improper restriction of excessive authentication attempts.
Recommendations
For spaceLYnk versions 2.6.2 and prior, update to a version later than 2.6.2 to resolve the issue.
For Wiser for KNX (formerly homeLYnk) versions 2.6.2 and prior, update to a version later than 2.6.2 to resolve the issue.
For fellerLYnk versions 2.6.2 and prior, update to a version later than 2.6.2 to resolve the issue.
Fix
Improper Restriction of Excessive Authentication Attempts
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wiser For Knx
Fellerlynk
Spacelynk