Vulnerability in Skyhigh Security Secure Web Gateway (Swg)

CVE-2022-2310

An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x prior to 9.2.23, 8.x prior to 8.2.28, and controlled release 11.x prior to 11.2.1 allows a remote attacker to bypass authentication into the…

EPSS: 0.010 (58.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 10.0 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2022-2310?
CVE-2022-2310 is a critical-severity vulnerability in Skyhigh Security Secure Web Gateway (Swg), classified under Authentication Bypass by Spoofing. CVSS score: 10.0/10. Published 2022-07-27.
How severe is CVE-2022-2310?
Critical severity. CVSS v3 base score is 10.0 out of 10.