Cyber Resilience

CVE-2022-50977

High

Published: 02 February 2026
Modified: 15 April 2026
KEV Added: (not listed)
Patch:
CVSS v3.1 score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS score: 0.0004 (13.9th percentile)
Risk priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2022-50977 is a high-severity Missing Authentication for Critical Function (CWE-306) vulnerability in a product from Innomic (vendor inferred from references). Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 13.9th percentile by EPSS exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2022-50977, published on 2026-02-02, is rated CVSS 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) and is linked to CWE-306 (Missing Authentication for Critical Function). It could allow an unauthenticated remote attacker to disrupt operations by switching between multiple configuration presets over HTTP. The vulnerability affects software or components from Innomic, as indicated by the associated advisories.

An unauthenticated attacker with network access can exploit this issue due to low attack complexity, requiring no privileges or user interaction. Exploitation allows the attacker to switch configuration presets over HTTP, resulting in high availability impact through operational disruption, with no impact on confidentiality or integrity.

Innomic's advisories detail mitigations in CSAF format, available at https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.html and https://www.innomic.com/.well-known/csaf/white/2026/ids-2026-0001.json.

Vulnerability details

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via HTTP.

CWE(s): CWE-306 Missing Authentication for Critical Function

Related Threats

MITRE ATT&CK Enterprise Techniques [AI]

T1190 Exploit Public-Facing Application (tactic: Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Missing authentication on HTTP-accessible config preset switching directly enables remote exploitation of a public-facing application (T1190) resulting in availability impact.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-21515 (shared CWE-306)
CVE-2025-57432 (shared CWE-306)
CVE-2026-27446 (shared CWE-306)
CVE-2026-21446 (shared CWE-306)
CVE-2021-47891 (shared CWE-306)
CVE-2025-41715 (shared CWE-306)
CVE-2026-24790 (shared CWE-306)
CVE-2025-21524 (shared CWE-306)
CVE-2025-53072 (shared CWE-306)
CVE-2025-40771 (shared CWE-306)

Affected Assets

Innomic (vendor inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls (NIST 800-53 r5) [AI]

prevent: Directly addresses CWE-306 by defining which actions may be performed without identification or authentication, and ensuring that critical functions such as configuration preset switching are not among them.

prevent: Restricts access to configuration changes, preventing unauthenticated attackers from switching presets and disrupting operations.

prevent: Enforces approved authorizations for access to system functions over HTTP, blocking unauthenticated preset switching.
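The following is an added illustration of the defect class described above (an HTTP preset-switching endpoint with no authentication) beside a hardened handler that applies the two controls named in the summary: an explicit allowlist of actions permitted without authentication (AC-14) and enforcement of authorization on everything else (AC-3). It is not Innomic's code or the affected product's API; the endpoint path `/api/preset`, the request shape, the preset names and the bearer-token scheme are all constructed assumptions chosen to make the pattern runnable offline.

```python
"""CWE-306 on a configuration-preset endpoint: vulnerable vs. hardened.

Hypothetical example. Endpoint path, request model, preset names and the
token scheme are assumptions, not the affected product's real interface.
"""
import hashlib
import hmac
from dataclasses import dataclass, field

# Constructed sample presets (stand-ins for device configuration bundles).
PRESETS = {
    "day": {"fan_rpm": 1200, "lighting": "full"},
    "night": {"fan_rpm": 600, "lighting": "dim"},
    "maintenance": {"fan_rpm": 0, "lighting": "off"},
}


@dataclass
class DeviceState:
    """Mutable device state plus an audit trail for detection engineering."""
    active_preset: str = "day"
    audit: list = field(default_factory=list)


@dataclass
class Request:
    """Minimal HTTP request model so the handlers run without a server."""
    method: str
    path: str
    headers: dict
    form: dict


def vulnerable_switch_preset(req: Request, state: DeviceState):
    """CWE-306: any client that can reach the port may change the preset.

    Nothing here checks who is asking, so an unauthenticated remote client
    can flip the device into an arbitrary preset (availability impact).
    """
    if req.method != "POST" or req.path != "/api/preset":
        return 404, "not found"
    name = req.form.get("preset")
    if name not in PRESETS:
        return 400, "unknown preset"
    state.active_preset = name
    return 200, f"active preset: {name}"


# Hardened version. Only a hash of the shared API token is held in memory;
# the token value below is constructed for the example.
_API_TOKEN_SHA256 = hashlib.sha256(b"constructed-admin-token").hexdigest()

# AC-14: the complete list of actions allowed without authentication.
# Preset switching is deliberately absent.
UNAUTHENTICATED_ALLOWED = {("GET", "/api/health")}


def _authenticated(req: Request) -> bool:
    """Bearer-token check using a constant-time comparison of digests."""
    auth = req.headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return False
    presented = hashlib.sha256(auth[len("Bearer "):].encode()).hexdigest()
    return hmac.compare_digest(presented, _API_TOKEN_SHA256)


def hardened_handle(req: Request, state: DeviceState):
    """AC-3 access enforcement: authenticate before any state-changing action."""
    if (req.method, req.path) in UNAUTHENTICATED_ALLOWED:
        return 200, "ok"
    if not _authenticated(req):
        # Denied attempts are recorded so repeated probing is visible in logs.
        state.audit.append(("denied", req.method, req.path))
        return 401, "authentication required"
    if req.method == "POST" and req.path == "/api/preset":
        name = req.form.get("preset")
        if name not in PRESETS:
            return 400, "unknown preset"
        state.audit.append(("preset-switch", state.active_preset, name))
        state.active_preset = name
        return 200, f"active preset: {name}"
    return 404, "not found"


if __name__ == "__main__":
    anon = Request("POST", "/api/preset", {}, {"preset": "maintenance"})
    print("vulnerable:", vulnerable_switch_preset(anon, DeviceState()))
    st = DeviceState()
    print("hardened, anonymous:", hardened_handle(anon, st))
    authed = Request("POST", "/api/preset",
                     {"Authorization": "Bearer constructed-admin-token"},
                     {"preset": "maintenance"})
    print("hardened, authenticated:", hardened_handle(authed, st))
    print("audit:", st.audit)
```

The design point is that the allowlist in `UNAUTHENTICATED_ALLOWED` is the only place an unauthenticated action can be added, so a reviewer can see at a glance that configuration changes require a credential; the audit entries give a detection hook for repeated 401s against the preset endpoint.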
