{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T04:19:44.021","vulnerabilities":[{"cve":{"id":"CVE-2022-32517","sourceIdentifier":"cybersecurity@se.com","published":"2023-01-30T23:15:10.247","lastModified":"2024-11-21T07:06:32.450","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists that could cause an adversary to trick the interface user/admin into interacting with the application in an unintended way when the product does not implement restrictions on the ability to render within frames on external addresses. Affected Products: Conext™ ComBox (All Versions)"},{"lang":"es","value":"Existe una vulnerabilidad CWE-1021: Restricción inadecuada de las capas o marcos de la interfaz de usuario renderizados que podría causar que un adversario engañe la interfaz user/admin para que interactúe con la aplicación de una manera no deseada cuando el producto no implementa restricciones en la capacidad de renderizar dentro de los marcos. en direcciones externas. Productos afectados: Conext? ComBox (todas las versiones)"}],"metrics":{"cvssMetricV31":[{"source":"cybersecurity@se.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"cybersecurity@se.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1021"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:schneider-electric:conext_combox_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"570ACEDE-DE9F-4E19-AA0F-A6C864263D4B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:schneider-electric:conext_combox:-:*:*:*:*:*:*:*","matchCriteriaId":"6F2F9562-402D-4069-83C0-E5C5CE05F2AB"}]}]}],"references":[{"url":"https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-165-03_ConextCombox_Security_Notification.pdf","source":"cybersecurity@se.com","tags":["Vendor Advisory"]},{"url":"https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-165-03_ConextCombox_Security_Notification.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}