logo

Database

Improper authorization control for web services In opcfoundation.netstandard.opc.ua

Description

Incorrect Implementation of Authentication Algorithm in OPCFoundation.NetStandard.Opc.Ua.Core A vulnerability was discovered in the OPC UA .NET Standard Stack that

    allows a malicious client or server to bypass the application authentication mechanism

    and allow a connection to an untrusted peer.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2022-298652. NVD-2022-298653. OSV-2022-298654. GHSA-fvxf-r9fw-49pc5. GCVE-2022-298656. GHSA-fvxf-r9fw-49pc7. files.opcfoundation.org

References

1. https://github.com/OPCFoundation/UA-.NETStandard/security/advisories/GHSA-fvxf-r9fw-49pc2. https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2022-29865.pdf3. https://opcfoundation.org/security

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.