{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T03:49:16.995","vulnerabilities":[{"cve":{"id":"CVE-2022-4779","sourceIdentifier":"vulnerability@ncsc.ch","published":"2022-12-29T00:15:09.497","lastModified":"2025-04-10T21:15:44.930","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"StreamX applications from versions 6.02.01 to 6.04.34 are affected by a logic bug that allows to bypass the implemented authentication scheme.\nStreamX applications using StreamView HTML component with the public web server feature activated are affected. "},{"lang":"es","value":"Las aplicaciones StreamX desde las versiones 6.02.01 a 6.04.34 se ven afectadas por un error lógico que permite eludir el esquema de autenticación implementado. Las aplicaciones StreamX que utilizan el componente HTML StreamView con la función de servidor web público activada se ven afectadas."}],"metrics":{"cvssMetricV31":[{"source":"vulnerability@ncsc.ch","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:elvexys:streamx:*:*:*:*:*:*:*:*","versionStartIncluding":"6.02.01","versionEndIncluding":"6.04.34","matchCriteriaId":"12FCA161-3969-45C5-B91F-7A295A1A86E4"}]}]}],"references":[{"url":"https://elvexys.com/products/xpg-gateway-rtu-protocol-converter/streamx-release-notes/","source":"vulnerability@ncsc.ch","tags":["Release Notes","Vendor Advisory"]},{"url":"https://elvexys.com/products/xpg-gateway-rtu-protocol-converter/streamx-release-notes/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}}]}