Description
The affected On-Premise cnMaestro is vulnerable to execution of code on the cnMaestro hosting server. This could allow a remote attacker to change server configuration settings.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
High
Availability
Low
Affected products
- Cambium Networks / cnMaestrounspecified – 3.0.3-r32
- Cambium Networks / cnMaestrounspecified – 2.4.2-r29
- Cambium Networks / cnMaestrounspecified – 3.0.0-r34
References
- VENDOR_ADVISORYhttps://www.cisa.gov/uscert/ics/advisories/icsa-22-132-04