{"id":"CVE-2022-29865","details":"OPC UA .NET Standard Stack allows a remote attacker to bypass the application authentication check via crafted fake credentials.","aliases":["GHSA-fvxf-r9fw-49pc"],"modified":"2026-04-12T06:00:39.311487Z","published":"2022-06-16T17:15:07.863Z","references":[{"type":"ADVISORY","url":"https://opcfoundation.org/security/"},{"type":"FIX","url":"https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2022-29865.pdf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/opcfoundation/ua-.netstandard","events":[{"introduced":"0"},{"fixed":"88a96a1d9711d83350e45f5bd339c1692be614c9"}],"database_specific":{"cpe":"cpe:2.3:a:opcfoundation:ua_.net_standard_stack:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"fixed":"1.4.368.58"}],"source":"CPE_FIELD"}}],"versions":["1.03.350","1.04.353.15","1.04.354.21","1.04.354.23","1.4.355.26","1.4.356.27","1.4.357.28","1.4.358.30","1.4.359.31","1.4.360.33","1.4.361.39","1.4.362.42","1.4.363.49","1.4.366.31-preview","1.4.367.64-preview","1.4.368.27-preview","1.4.368.33","1.4.368.53"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-29865.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}