{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T23:54:20.034","vulnerabilities":[{"cve":{"id":"CVE-2022-22520","sourceIdentifier":"info@cert.vde.com","published":"2022-09-14T14:15:12.427","lastModified":"2024-11-21T06:46:56.837","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2."},{"lang":"es","value":"Un atacante remoto no autenticado puede enumerar usuarios válidos mediante el envío de peticiones específicas al webservice de la línea de conexión MB mymbCONNECT24, mbCONNECT24 y Helmholz myREX24 y myREX24.virtual en todas las versiones hasta v2.11.2"}],"metrics":{"cvssMetricV31":[{"source":"info@cert.vde.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"info@cert.vde.com","type":"Secondary","description":[{"lang":"en","value":"CWE-204"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mbconnectline:mbconnect24:*:*:*:*:*:*:*:*","versionEndIncluding":"2.11.2","matchCriteriaId":"2D55D697-78A4-44E3-B6B6-E5349C610148"},{"vulnerable":true,"criteria":"cpe:2.3:a:mbconnectline:mymbconnect24:*:*:*:*:*:*:*:*","versionEndIncluding":"2.11.2","matchCriteriaId":"04561EEC-B011-46F8-8C56-E5546D0ECD6A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:helmholz:myrex24:*:*:*:*:*:*:*:*","versionEndIncluding":"2.11.2","matchCriteriaId":"8EE3EED2-43AC-4129-B2C8-88DEBFEF8BA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:helmholz:myrex24.virtual:*:*:*:*:*:*:*:*","versionEndIncluding":"2.11.2","matchCriteriaId":"847B9BE1-D7E5-4B6B-A59D-282BB58A8B64"}]}]}],"references":[{"url":"https://cert.vde.com/en/advisories/VDE-2022-011","source":"info@cert.vde.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://cert.vde.com/en/advisories/VDE-2022-039","source":"info@cert.vde.com","tags":["Not Applicable"]},{"url":"https://cert.vde.com/en/advisories/VDE-2022-011","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://cert.vde.com/en/advisories/VDE-2022-039","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}}]}