Medium severity5.7NVD Advisory· Published Aug 17, 2022· Updated Jun 17, 2026
CVE-2022-2338
CVE-2022-2338
Description
Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the request, which may be captured for use in authenticating to the server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= V1.22+ 1 more
- (no CPE)range: = V1.22
- (no CPE)range: V1.22
Patches
Vulnerability mechanics
References
2- industrial.softing.com/fileadmin/psirt/downloads/syt-2022-5.htmlnvdMitigationVendor Advisory
- www.cisa.gov/uscert/ics/advisories/icsa-22-228-04nvdMitigationThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.