{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-17T03:15:00.946","vulnerabilities":[{"cve":{"id":"CVE-2022-30622","sourceIdentifier":"cna@cyber.gov.il","published":"2022-07-17T21:15:08.803","lastModified":"2024-11-21T07:03:02.770","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Disclosure of information - the system allows you to view usernames and passwords without permissions, thus it will be possible to enter the system. Path access: http://api/sys_username_passwd.cmd - The server loads the request clearly by default. Disclosure of hard-coded credit information within the JS code sent to the customer within the Login.js file is a strong user (which is not documented) and also the password, which allow for super-user access. Username: chcadmin, Password: chcpassword."},{"lang":"es","value":"Una revelación de información: el sistema permite visualizar los nombres de usuario y las contraseñas sin permisos, por lo que será posible entrar en el sistema. Acceso a la ruta: http://api/sys_username_passwd.cmd - El servidor carga la petición de forma clara por defecto. La divulgación de la información de crédito embebida en el código JS que es enviado al cliente dentro del archivo Login.js es un usuario fuerte (que no está documentado) y también la contraseña, que permiten el acceso de super usuario. Nombre de usuario: chcadmin, Contraseña: chcpassword"}],"metrics":{"cvssMetricV31":[{"source":"cna@cyber.gov.il","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":3.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:chcnav:p5e_gnss_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"4.1","matchCriteriaId":"D517250C-921A-494E-9B38-6154732AA2E5"},{"vulnerable":true,"criteria":"cpe:2.3:o:chcnav:p5e_gnss_firmware:4.2:*:*:*:*:*:*:*","matchCriteriaId":"B26293DB-77D5-4417-B72C-6EEDFE6151D5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:chcnav:p5e_gnss:-:*:*:*:*:*:*:*","matchCriteriaId":"56783F0F-85AA-4B6F-BC24-3F7659A86567"}]}]}],"references":[{"url":"https://www.gov.il/en/Departments/faq/cve_advisories","source":"cna@cyber.gov.il","tags":["Third Party Advisory"]},{"url":"https://www.gov.il/en/Departments/faq/cve_advisories","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}