Skip to main content

Improper Validation of Array Index

CVE-2022-47343

Severity Medium
Score 5.5/10

Summary

In engineermode services, there is a missing permission check. This could lead to local denial of service in engineermode services.

  • LOW
  • LOCAL
  • NONE
  • UNCHANGED
  • NONE
  • LOW
  • NONE
  • HIGH

CWE-129 - Improper Validation of Array Index

The product uses untrusted input when calculating or using an array index, but the product does not validate or incorrectly validates the index to ensure the index references a valid position within the array.

References

Advisory Timeline

  • Published