CVEFinder.io

CVE-2022-1989

🔶 medium
🔍 Scan for this CVE
Summary

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users.

CVSS Score
5.3
Medium
EPSS Score
0.2
Exploit Probability
Published Date
2022-08-23
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 19.7% of all 330,193 vulnerabilities in our database.

#265,260
Below average severity
Severity Percentile
Last Modified 2024-11-21
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE IDs (Weakness Types)
CWE-204 CWE-203

📦 Affected Products 1

Vendor Product Status Affected Versions
codesys visualization Affected
≥ 4.0.0.0 < 4.2.0.0

🔗 References 1

https://customers.codesys.com/index.php?eID=dumpFile...
Mitigation Vendor Advisory

🔗 Related CVEs 1

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-0393 🔶 medium 6.5 0.0 The affected product may expose credentials remotely between low privileged visualization users during concurrent login ... 2026-05-21
These CVEs affect the same products