{"cve":{"cve_id":"CVE-2022-1358","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00781,"epss_percentile":0.5118,"epss_as_of":"2026-06-23","description":"The affected On-Premise is vulnerable to data exfiltration through improper neutralization of special elements used in an SQL command. This could allow an attacker to exfiltrate and dump all data held in the cnMaestro database.","published_at":"2022-05-17T20:12:45.478000Z","last_modified_at":null,"cvss_v3_score":5.9,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":false,"ssvc_technical_impact":"total","cwes":["CWE-89"],"nvd_references":["https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-04"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-28T23:16:45.432744Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"H","value_label":"High"},{"metric":"PR","name":"Privileges Required","value":"H","value_label":"High"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"N","value_label":"None"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"cambium-networks","vendor_name":"Cambium Networks","product_slug":"cnmaestro","product_name":"cnMaestro","version_start":"unspecified","version_start_inclusive":true,"version_end":"3.0.3-r32","version_end_inclusive":false,"cpe23_uri":"cve5:cambium-networks:cnmaestro:unspecified:3.0.3-r32"},{"vendor_slug":"cambium-networks","vendor_name":"Cambium Networks","product_slug":"cnmaestro","product_name":"cnMaestro","version_start":"unspecified","version_start_inclusive":true,"version_end":"2.4.2-r29","version_end_inclusive":false,"cpe23_uri":"cve5:cambium-networks:cnmaestro:unspecified:2.4.2-r29"},{"vendor_slug":"cambium-networks","vendor_name":"Cambium Networks","product_slug":"cnmaestro","product_name":"cnMaestro","version_start":"unspecified","version_start_inclusive":true,"version_end":"3.0.0-r34","version_end_inclusive":false,"cpe23_uri":"cve5:cambium-networks:cnmaestro:unspecified:3.0.0-r34"}],"exploit_refs":[],"news":[],"references":[{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-132-04","source_type":"VENDOR_ADVISORY","tags":["advisory"]}],"timeline":[{"type":"published","at":"2022-05-17T20:12:45.478000Z","label":"CVE published","source":null},{"type":"ssvc_changed","at":"2026-06-24T00:31:53.340304Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-24T00:31:53.340304Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-24T00:31:53.340304Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:53.340304Z","label":"CVSS score revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:53.340304Z","label":"CVSS score revised","source":"vulnrichment"},{"type":"cvss_changed","at":"2026-06-24T00:31:53.340304Z","label":"CVSS score revised","source":"vulnrichment"}]}