Vulnerability in Skyhigh Security Secure Web Gateway (Swg)
CVE-2022-2310
An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and controlled release 11.x prior to 11.2.1 allows a remote attacker to bypass authentication into the…
EPSS: 0.010 (58.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 10.0 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.
Affected products
- Skyhigh Security Secure Web Gateway (Swg) — versions 10.x, 9.x, 8.x
- Skyhighsecurity Secure_web_gateway
Weakness classification (CWE)
References
- trellixpsirt@trellix.com (x_refsource_CONFIRM, Vendor Advisory)
Frequently asked questions
- What is CVE-2022-2310?
- CVE-2022-2310 is a critical-severity vulnerability in Skyhigh Security Secure Web Gateway (Swg), classified under Authentication Bypass by Spoofing. CVSS score: 10.0/10. Published 2022-07-27.
- How severe is CVE-2022-2310?
- Critical severity. CVSS v3 base score is 10.0 out of 10.