{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T06:59:02.689","vulnerabilities":[{"cve":{"id":"CVE-2022-38123","sourceIdentifier":"VulnerabilityReporting@secomea.com","published":"2022-12-06T16:15:10.567","lastModified":"2024-11-21T07:15:50.430","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation of plugin files in Administrator Interface of Secomea GateManager allows a server administrator to inject code into the GateManager interface.\n\nThis issue affects:\n\nSecomea GateManager\n\nversions prior to 10.0.\n\n\n\n"},{"lang":"es","value":"La validación de entrada incorrecta de archivos de complemento en la interfaz de administrador de Secomea GateManager permite al administrador del servidor inyectar código en la interfaz de GateManager. Este problema afecta a: Versiones de Secomea GateManager anteriores a la 10.0."}],"metrics":{"cvssMetricV31":[{"source":"VulnerabilityReporting@secomea.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:H","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"VulnerabilityReporting@secomea.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:secomea:gatemanager:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.622395010","matchCriteriaId":"9B231401-38C1-4714-90B9-2F7044AEE042"}]}]}],"references":[{"url":"https://www.secomea.com/support/cybersecurity-advisory/","source":"VulnerabilityReporting@secomea.com","tags":["Vendor Advisory"]},{"url":"https://www.secomea.com/support/cybersecurity-advisory/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}