CWE-322: CWE-322

Total CVEs

Critical

High

8.0

Avg CVSS

Yearly Trend

2026

2025

2024

2021

Top Affected Vendors

1 Broadcom 1

2 Eclipse 1

3 Redhat 1

4 Cisco 1

5 Tp Link 1

6 Arista 1

7 Keylime 1

All CWE-322 CVEs (7)

CVE-2026-1709

9.4

Keylime versions 7.12.0 and later have a critical authentication bypass vulnerability where the registrar fails to enforce client-side TLS certificate...

Feb 6, 2026

CVE-2025-20163

8.7

This vulnerability allows unauthenticated remote attackers to impersonate Cisco NDFC-managed devices via SSH man-in-the-middle attacks due to insuffic...

Jun 4, 2025

CVE-2024-47519

8.3

CVE-2024-47519 is a man-in-the-middle vulnerability in Arista's ETM backup upload functionality that allows attackers to intercept and potentially mod...

Jan 10, 2025

CVE-2025-62501

8.1

A misconfiguration in TP-Link Archer AX53 v1.0's SSH hostkey implementation allows attackers to perform man-in-the-middle attacks to capture device cr...

Feb 3, 2026

CVE-2021-34433

7.5

This vulnerability in Eclipse Californium allows attackers to bypass certificate verification during DTLS handshakes, enabling man-in-the-middle attac...

Aug 20, 2021

CVE-2024-7516

7.1

This vulnerability allows man-in-the-middle attackers to forge SSH keys during remote operations, enabling them to hijack service sessions on Brocade ...

Nov 12, 2024

CVE-2024-4871

6.8

This vulnerability in Satellite allows man-in-the-middle attacks when running remote execution jobs because SSH host key verification is disabled. Att...

May 14, 2024

About CWE-322 (CWE-322)

Our database tracks 7 CVEs classified as CWE-322, with 1 rated critical and 5 rated high severity. The average CVSS score for CWE-322 vulnerabilities is 8.0.

External reference: View CWE-322 on MITRE CWE →

Monitor CWE-322 Vulnerabilities

Get alerted when new CWE-322 CVEs affect your infrastructure.

Start Monitoring Free