What is CVE-2022-30623?

CVE-2022-30623 is a medium-severity vulnerability in Chcnav - P5e Gnss, classified under Authentication Bypass Using an Alternate Path or Channel. CVSS score: 5.9/10. Published 2022-07-18.

How severe is CVE-2022-30623?

Medium severity. CVSS v3 base score is 5.9 out of 10.

Vulnerability in Chcnav - P5e Gnss

CVE-2022-30623

The server checks the user's cookie in a non-standard way, and a value is entered in the cookie value name of the status and its value is set to true to bypass the identification with the system using a username and password.

EPSS: 0.001 (33.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L.

Affected products

Chcnav - P5e Gnss — versions 4.2

Weakness classification (CWE)

CWE-288 — Authentication Bypass Using an Alternate Path or Channel

References

www.gov.il/en/Departments/faq/cve_advisories (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-30623?: CVE-2022-30623 is a medium-severity vulnerability in Chcnav - P5e Gnss, classified under Authentication Bypass Using an Alternate Path or Channel. CVSS score: 5.9/10. Published 2022-07-18.
How severe is CVE-2022-30623?: Medium severity. CVSS v3 base score is 5.9 out of 10.