Cyber Resilience

CVE-2022-3083

Low

Published: 01 February 2023

Published
01 February 2023
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
EPSS Score 0.0017 38.5th percentile
Risk Priority 8 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-3083 is a low-severity Reliance on Cookies without Validation and Integrity Checking in a Security Decision (CWE-784) vulnerability in Landisgyr E850 Firmware. Its CVSS base score is 3.9 (Low).

Operationally, ranked at the 38.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

All versions of Landis+Gyr E850 (ZMQ200) are vulnerable to CWE-784: Reliance on Cookies Without Validation and Integrity. The device's web application navigation depends on the value of the session cookie. The web application could become inaccessible for the user if…

more

an attacker changes the cookie values.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

landisgyr
e850 firmware
all versions

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References