All the vulnerabilites related to Siemens - SCALANCE SC626-2C
cve-2022-46142
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-03 14:24
Summary
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.
Impacted products
Vendor Product Version
Siemens RUGGEDCOM RM1224 LTE(4G) NAM Version: All versions < V7.2
Siemens SCALANCE M804PB Version: All versions < V7.2
Siemens SCALANCE M812-1 ADSL-Router (Annex A) Version: All versions < V7.2
Siemens SCALANCE M812-1 ADSL-Router (Annex B) Version: All versions < V7.2
Siemens SCALANCE M816-1 ADSL-Router (Annex A) Version: All versions < V7.2
Siemens SCALANCE M816-1 ADSL-Router (Annex B) Version: All versions < V7.2
Siemens SCALANCE M826-2 SHDSL-Router Version: All versions < V7.2
Siemens SCALANCE M874-2 Version: All versions < V7.2
Siemens SCALANCE M874-3 Version: All versions < V7.2
Siemens SCALANCE M876-3 (EVDO) Version: All versions < V7.2
Siemens SCALANCE M876-3 (ROK) Version: All versions < V7.2
Siemens SCALANCE M876-4 Version: All versions < V7.2
Siemens SCALANCE M876-4 (EU) Version: All versions < V7.2
Siemens SCALANCE M876-4 (NAM) Version: All versions < V7.2
Siemens SCALANCE MUM853-1 (EU) Version: All versions < V7.2
Siemens SCALANCE MUM856-1 (EU) Version: All versions < V7.2
Siemens SCALANCE MUM856-1 (RoW) Version: All versions < V7.2
Siemens SCALANCE S615 Version: All versions < V7.2
Siemens SCALANCE S615 EEC Version: All versions < V7.2
Siemens SCALANCE SC622-2C Version: All versions < V2.3
Siemens SCALANCE SC622-2C Version: All versions >= V2.3 < V3.0
Siemens SCALANCE SC626-2C Version: All versions < V2.3
Siemens SCALANCE SC626-2C Version: All versions >= V2.3 < V3.0
Siemens SCALANCE SC632-2C Version: All versions < V2.3
Siemens SCALANCE SC632-2C Version: All versions >= V2.3 < V3.0
Siemens SCALANCE SC636-2C Version: All versions < V2.3
Siemens SCALANCE SC636-2C Version: All versions >= V2.3 < V3.0
Siemens SCALANCE SC642-2C Version: All versions < V2.3
Siemens SCALANCE SC642-2C Version: All versions >= V2.3 < V3.0
Siemens SCALANCE SC646-2C Version: All versions < V2.3
Siemens SCALANCE SC646-2C Version: All versions >= V2.3 < V3.0
Siemens SCALANCE W1748-1 M12 Version: All versions
Siemens SCALANCE W1748-1 M12 Version: All versions
Siemens SCALANCE W1788-1 M12 Version: All versions
Siemens SCALANCE W1788-2 EEC M12 Version: All versions
Siemens SCALANCE W1788-2 M12 Version: All versions
Siemens SCALANCE W1788-2IA M12 Version: All versions
Siemens SCALANCE W721-1 RJ45 Version: All versions
Siemens SCALANCE W721-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 (USA) Version: All versions
Siemens SCALANCE W738-1 M12 Version: All versions
Siemens SCALANCE W738-1 M12 Version: All versions
Siemens SCALANCE W748-1 M12 Version: All versions
Siemens SCALANCE W748-1 M12 Version: All versions
Siemens SCALANCE W748-1 RJ45 Version: All versions
Siemens SCALANCE W748-1 RJ45 Version: All versions
Siemens SCALANCE W761-1 RJ45 Version: All versions
Siemens SCALANCE W761-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 M12 EEC Version: All versions
Siemens SCALANCE W774-1 M12 EEC Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 (USA) Version: All versions
Siemens SCALANCE W778-1 M12 Version: All versions
Siemens SCALANCE W778-1 M12 Version: All versions
Siemens SCALANCE W778-1 M12 EEC Version: All versions
Siemens SCALANCE W778-1 M12 EEC (USA) Version: All versions
Siemens SCALANCE W786-1 RJ45 Version: All versions
Siemens SCALANCE W786-1 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 SFP Version: All versions
Siemens SCALANCE W786-2 SFP Version: All versions
Siemens SCALANCE W786-2IA RJ45 Version: All versions
Siemens SCALANCE W786-2IA RJ45 Version: All versions
Siemens SCALANCE W788-1 M12 Version: All versions
Siemens SCALANCE W788-1 M12 Version: All versions
Siemens SCALANCE W788-1 RJ45 Version: All versions
Siemens SCALANCE W788-1 RJ45 Version: All versions
Siemens SCALANCE W788-2 M12 Version: All versions
Siemens SCALANCE W788-2 M12 Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE WAM763-1 Version: All versions < V2.0
Siemens SCALANCE WAM766-1 (EU) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 (US) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 EEC (EU) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 EEC (US) Version: All versions < V2.0
Siemens SCALANCE WUM763-1 Version: All versions < V2.0
Siemens SCALANCE WUM763-1 Version: All versions < V2.0
Siemens SCALANCE WUM766-1 (EU) Version: All versions < V2.0
Siemens SCALANCE WUM766-1 (US) Version: All versions < V2.0
Siemens SCALANCE XB205-3 (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, PN) Version: All versions < V4.4
Siemens SCALANCE XB205-3LD (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3LD (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB208 (E/IP) Version: All versions < V4.4
Siemens SCALANCE XB208 (PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (ST, PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3LD (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3LD (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB216 (E/IP) Version: All versions < V4.4
Siemens SCALANCE XB216 (PN) Version: All versions < V4.4
Siemens SCALANCE XC206-2 (SC) Version: All versions < V4.4
Siemens SCALANCE XC206-2 (ST/BFOC) Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE EEC (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP EEC Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G (EIP DEF.) Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G EEC Version: All versions < V4.4
Siemens SCALANCE XC208 Version: All versions < V4.4
Siemens SCALANCE XC208EEC Version: All versions < V4.4
Siemens SCALANCE XC208G Version: All versions < V4.4
Siemens SCALANCE XC208G (EIP def.) Version: All versions < V4.4
Siemens SCALANCE XC208G EEC Version: All versions < V4.4
Siemens SCALANCE XC208G PoE Version: All versions < V4.4
Siemens SCALANCE XC208G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC216 Version: All versions < V4.4
Siemens SCALANCE XC216-3G PoE Version: All versions < V4.4
Siemens SCALANCE XC216-3G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC216-4C Version: All versions < V4.4
Siemens SCALANCE XC216-4C G Version: All versions < V4.4
Siemens SCALANCE XC216-4C G (EIP Def.) Version: All versions < V4.4
Siemens SCALANCE XC216-4C G EEC Version: All versions < V4.4
Siemens SCALANCE XC216EEC Version: All versions < V4.4
Siemens SCALANCE XC224 Version: All versions < V4.4
Siemens SCALANCE XC224-4C G Version: All versions < V4.4
Siemens SCALANCE XC224-4C G (EIP Def.) Version: All versions < V4.4
Siemens SCALANCE XC224-4C G EEC Version: All versions < V4.4
Siemens SCALANCE XF204 Version: All versions < V4.4
Siemens SCALANCE XF204 DNA Version: All versions < V4.4
Siemens SCALANCE XF204-2BA Version: All versions < V4.4
Siemens SCALANCE XF204-2BA DNA Version: All versions < V4.4
Siemens SCALANCE XM408-4C Version: All versions < V6.6
Siemens SCALANCE XM408-4C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XM408-8C Version: All versions < V6.6
Siemens SCALANCE XM408-8C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XM416-4C Version: All versions < V6.6
Siemens SCALANCE XM416-4C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XP208 Version: All versions < V4.4
Siemens SCALANCE XP208 (Ethernet/IP) Version: All versions < V4.4
Siemens SCALANCE XP208EEC Version: All versions < V4.4
Siemens SCALANCE XP208PoE EEC Version: All versions < V4.4
Siemens SCALANCE XP216 Version: All versions < V4.4
Siemens SCALANCE XP216 (Ethernet/IP) Version: All versions < V4.4
Siemens SCALANCE XP216EEC Version: All versions < V4.4
Siemens SCALANCE XP216POE EEC Version: All versions < V4.4
Siemens SCALANCE XR324WG (24 x FE, AC 230V) Version: All versions < V4.4
Siemens SCALANCE XR324WG (24 X FE, DC 24V) Version: All versions < V4.4
Siemens SCALANCE XR326-2C PoE WG Version: All versions < V4.4
Siemens SCALANCE XR326-2C PoE WG (without UL) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (28xGE, AC 230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (28xGE, DC 24V) Version: All versions < V4.4
Siemens SCALANCE XR524-8C, 1x230V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 1x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 24V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 24V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 2x230V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 2x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 1x230V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 1x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 24V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 24V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 2x230V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 2x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR528-6M Version: All versions < V6.6
Siemens SCALANCE XR528-6M (2HR2, L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR528-6M (2HR2) Version: All versions < V6.6
Siemens SCALANCE XR528-6M (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR552-12M Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2, L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2) Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2) Version: All versions < V6.6
Siemens SIPLUS NET SCALANCE XC206-2 Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC206-2SFP Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC208 Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC216-4C Version: All versions < V4.4
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T14:24:03.321Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (EVDO)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC622-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC622-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC626-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC626-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC632-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC632-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC636-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC636-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC642-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC642-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC646-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC646-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2 EEC M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2IA M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W721-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W721-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45 (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W738-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W738-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W761-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W761-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45 (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12 EEC (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2IA RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2IA RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3LD (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3LD (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB208 (E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB208 (PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (ST, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3LD (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3LD (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB216 (E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB216 (PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2 (SC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2 (ST/BFOC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE EEC (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G (EIP DEF.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G (EIP def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-3G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-3G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G (EIP Def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G (EIP Def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204 DNA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA DNA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-4C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-8C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-8C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM416-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM416-4C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208 (Ethernet/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208PoE EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216 (Ethernet/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216POE EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324WG (24 x FE, AC 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324WG (24 X FE, DC 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR326-2C PoE WG",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR326-2C PoE WG (without UL)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (28xGE, AC 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (28xGE, DC 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 1x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 1x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 24V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 24V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 2x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 2x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 1x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 1x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 24V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 24V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 2x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 2x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (2HR2, L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2, L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC206-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC206-2SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC216-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-257",
              "description": "CWE-257: Storing Passwords in a Recoverable Format",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-10T10:21:11.037Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-46142",
    "datePublished": "2022-12-13T00:00:00",
    "dateReserved": "2022-11-28T00:00:00",
    "dateUpdated": "2024-08-03T14:24:03.321Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-36323
Vulnerability from cvelistv5
Published
2022-08-10 11:18
Modified
2024-08-03 10:00
Summary
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.
Impacted products
Vendor Product Version
Siemens RUGGEDCOM RM1224 LTE(4G) NAM Version: All versions < V7.1.2
Siemens SCALANCE M804PB Version: All versions < V7.1.2
Siemens SCALANCE M812-1 ADSL-Router (Annex A) Version: All versions < V7.1.2
Siemens SCALANCE M812-1 ADSL-Router (Annex B) Version: All versions < V7.1.2
Siemens SCALANCE M816-1 ADSL-Router (Annex A) Version: All versions < V7.1.2
Siemens SCALANCE M816-1 ADSL-Router (Annex B) Version: All versions < V7.1.2
Siemens SCALANCE M826-2 SHDSL-Router Version: All versions < V7.1.2
Siemens SCALANCE M874-2 Version: All versions < V7.1.2
Siemens SCALANCE M874-3 Version: All versions < V7.1.2
Siemens SCALANCE M876-3 (EVDO) Version: All versions < V7.1.2
Siemens SCALANCE M876-3 (ROK) Version: All versions < V7.1.2
Siemens SCALANCE M876-4 (EU) Version: All versions < V7.1.2
Siemens SCALANCE M876-4 (NAM) Version: All versions < V7.1.2
Siemens SCALANCE MUM853-1 (EU) Version: All versions < V7.1.2
Siemens SCALANCE MUM856-1 (EU) Version: All versions < V7.1.2
Siemens SCALANCE MUM856-1 (RoW) Version: All versions < V7.1.2
Siemens SCALANCE S615 Version: All versions < V7.1.2
Siemens SCALANCE SC622-2C Version: All versions < V2.3.1
Siemens SCALANCE SC626-2C Version: All versions < V2.3.1
Siemens SCALANCE SC632-2C Version: All versions < V2.3.1
Siemens SCALANCE SC636-2C Version: All versions < V2.3.1
Siemens SCALANCE SC642-2C Version: All versions < V2.3.1
Siemens SCALANCE SC646-2C Version: All versions < V2.3.1
Siemens SCALANCE W1748-1 M12 Version: All versions
Siemens SCALANCE W1748-1 M12 Version: All versions
Siemens SCALANCE W1788-1 M12 Version: All versions
Siemens SCALANCE W1788-2 EEC M12 Version: All versions
Siemens SCALANCE W1788-2 M12 Version: All versions
Siemens SCALANCE W1788-2IA M12 Version: All versions
Siemens SCALANCE W721-1 RJ45 Version: All versions
Siemens SCALANCE W721-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 (USA) Version: All versions
Siemens SCALANCE W738-1 M12 Version: All versions
Siemens SCALANCE W738-1 M12 Version: All versions
Siemens SCALANCE W748-1 M12 Version: All versions
Siemens SCALANCE W748-1 M12 Version: All versions
Siemens SCALANCE W748-1 RJ45 Version: All versions
Siemens SCALANCE W748-1 RJ45 Version: All versions
Siemens SCALANCE W761-1 RJ45 Version: All versions
Siemens SCALANCE W761-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 M12 EEC Version: All versions
Siemens SCALANCE W774-1 M12 EEC Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 (USA) Version: All versions
Siemens SCALANCE W778-1 M12 Version: All versions
Siemens SCALANCE W778-1 M12 Version: All versions
Siemens SCALANCE W778-1 M12 EEC Version: All versions
Siemens SCALANCE W778-1 M12 EEC (USA) Version: All versions
Siemens SCALANCE W786-1 RJ45 Version: All versions
Siemens SCALANCE W786-1 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 SFP Version: All versions
Siemens SCALANCE W786-2 SFP Version: All versions
Siemens SCALANCE W786-2IA RJ45 Version: All versions
Siemens SCALANCE W786-2IA RJ45 Version: All versions
Siemens SCALANCE W788-1 M12 Version: All versions
Siemens SCALANCE W788-1 M12 Version: All versions
Siemens SCALANCE W788-1 RJ45 Version: All versions
Siemens SCALANCE W788-1 RJ45 Version: All versions
Siemens SCALANCE W788-2 M12 Version: All versions
Siemens SCALANCE W788-2 M12 Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE WAM763-1 Version: All versions < V2.0
Siemens SCALANCE WAM766-1 (EU) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 (US) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 EEC (EU) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 EEC (US) Version: All versions < V2.0
Siemens SCALANCE WUM763-1 Version: All versions < V2.0
Siemens SCALANCE WUM763-1 Version: All versions < V2.0
Siemens SCALANCE WUM766-1 (EU) Version: All versions < V2.0
Siemens SCALANCE WUM766-1 (US) Version: All versions < V2.0
Siemens SCALANCE XB205-3 (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, PN) Version: All versions < V4.4
Siemens SCALANCE XB205-3LD (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3LD (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB208 (E/IP) Version: All versions < V4.4
Siemens SCALANCE XB208 (PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (ST, PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3LD (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3LD (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB216 (E/IP) Version: All versions < V4.4
Siemens SCALANCE XB216 (PN) Version: All versions < V4.4
Siemens SCALANCE XC206-2 (SC) Version: All versions < V4.4
Siemens SCALANCE XC206-2 (ST/BFOC) Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE EEC (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP EEC Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G (EIP DEF.) Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G EEC Version: All versions < V4.4
Siemens SCALANCE XC208 Version: All versions < V4.4
Siemens SCALANCE XC208EEC Version: All versions < V4.4
Siemens SCALANCE XC208G Version: All versions < V4.4
Siemens SCALANCE XC208G (EIP def.) Version: All versions < V4.4
Siemens SCALANCE XC208G EEC Version: All versions < V4.4
Siemens SCALANCE XC208G PoE Version: All versions < V4.4
Siemens SCALANCE XC208G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC216 Version: All versions < V4.4
Siemens SCALANCE XC216-3G PoE Version: All versions < V4.4
Siemens SCALANCE XC216-3G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC216-4C Version: All versions < V4.4
Siemens SCALANCE XC216-4C G Version: All versions < V4.4
Siemens SCALANCE XC216-4C G (EIP Def.) Version: All versions < V4.4
Siemens SCALANCE XC216-4C G EEC Version: All versions < V4.4
Siemens SCALANCE XC216EEC Version: All versions < V4.4
Siemens SCALANCE XC224 Version: All versions < V4.4
Siemens SCALANCE XC224-4C G Version: All versions < V4.4
Siemens SCALANCE XC224-4C G (EIP Def.) Version: All versions < V4.4
Siemens SCALANCE XC224-4C G EEC Version: All versions < V4.4
Siemens SCALANCE XF204 Version: All versions < V4.4
Siemens SCALANCE XF204 DNA Version: All versions < V4.4
Siemens SCALANCE XF204-2BA Version: All versions < V4.4
Siemens SCALANCE XF204-2BA DNA Version: All versions < V4.4
Siemens SCALANCE XM408-4C Version: All versions < V6.6
Siemens SCALANCE XM408-4C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XM408-8C Version: All versions < V6.6
Siemens SCALANCE XM408-8C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XM416-4C Version: All versions < V6.6
Siemens SCALANCE XM416-4C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XP208 Version: All versions < V4.4
Siemens SCALANCE XP208 (Ethernet/IP) Version: All versions < V4.4
Siemens SCALANCE XP208EEC Version: All versions < V4.4
Siemens SCALANCE XP208PoE EEC Version: All versions < V4.4
Siemens SCALANCE XP216 Version: All versions < V4.4
Siemens SCALANCE XP216 (Ethernet/IP) Version: All versions < V4.4
Siemens SCALANCE XP216EEC Version: All versions < V4.4
Siemens SCALANCE XP216POE EEC Version: All versions < V4.4
Siemens SCALANCE XR324WG (24 x FE, AC 230V) Version: All versions < V4.4
Siemens SCALANCE XR324WG (24 X FE, DC 24V) Version: All versions < V4.4
Siemens SCALANCE XR326-2C PoE WG Version: All versions < V4.4
Siemens SCALANCE XR326-2C PoE WG (without UL) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (28xGE, AC 230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (28xGE, DC 24V) Version: All versions < V4.4
Siemens SCALANCE XR524-8C, 1x230V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 1x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 24V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 24V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 2x230V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 2x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 1x230V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 1x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 24V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 24V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 2x230V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 2x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR528-6M Version: All versions < V6.6
Siemens SCALANCE XR528-6M (2HR2, L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR528-6M (2HR2) Version: All versions < V6.6
Siemens SCALANCE XR528-6M (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR552-12M Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2, L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2) Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2) Version: All versions < V6.6
Siemens SIPLUS NET SCALANCE XC206-2 Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC206-2SFP Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC208 Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC216-4C Version: All versions < V4.4
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:00:04.366Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (EVDO)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC622-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC626-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC632-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC636-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC642-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC646-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2 EEC M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2IA M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W721-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W721-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45 (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W738-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W738-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W761-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W761-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45 (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12 EEC (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2IA RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2IA RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3LD (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3LD (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB208 (E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB208 (PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (ST, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3LD (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3LD (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB216 (E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB216 (PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2 (SC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2 (ST/BFOC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE EEC (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G (EIP DEF.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G (EIP def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-3G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-3G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G (EIP Def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G (EIP Def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204 DNA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA DNA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-4C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-8C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-8C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM416-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM416-4C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208 (Ethernet/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208PoE EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216 (Ethernet/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216POE EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324WG (24 x FE, AC 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324WG (24 X FE, DC 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR326-2C PoE WG",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR326-2C PoE WG (without UL)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (28xGE, AC 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (28xGE, DC 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 1x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 1x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 24V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 24V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 2x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 2x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 1x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 1x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 24V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 24V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 2x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 2x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (2HR2, L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2, L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC206-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC206-2SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC216-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Affected devices do not properly sanitize an input field.  This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-74",
              "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-10T10:20:59.701Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-36323",
    "datePublished": "2022-08-10T11:18:33",
    "dateReserved": "2022-07-20T00:00:00",
    "dateUpdated": "2024-08-03T10:00:04.366Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-46140
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-03 14:24
Summary
Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system.
Impacted products
Vendor Product Version
Siemens RUGGEDCOM RM1224 LTE(4G) NAM Version: All versions < V7.2
Siemens SCALANCE M804PB Version: All versions < V7.2
Siemens SCALANCE M812-1 ADSL-Router (Annex A) Version: All versions < V7.2
Siemens SCALANCE M812-1 ADSL-Router (Annex B) Version: All versions < V7.2
Siemens SCALANCE M816-1 ADSL-Router (Annex A) Version: All versions < V7.2
Siemens SCALANCE M816-1 ADSL-Router (Annex B) Version: All versions < V7.2
Siemens SCALANCE M826-2 SHDSL-Router Version: All versions < V7.2
Siemens SCALANCE M874-2 Version: All versions < V7.2
Siemens SCALANCE M874-3 Version: All versions < V7.2
Siemens SCALANCE M876-3 (EVDO) Version: All versions < V7.2
Siemens SCALANCE M876-3 (ROK) Version: All versions < V7.2
Siemens SCALANCE M876-4 Version: All versions < V7.2
Siemens SCALANCE M876-4 (EU) Version: All versions < V7.2
Siemens SCALANCE M876-4 (NAM) Version: All versions < V7.2
Siemens SCALANCE MUM853-1 (EU) Version: All versions < V7.2
Siemens SCALANCE MUM856-1 (EU) Version: All versions < V7.2
Siemens SCALANCE MUM856-1 (RoW) Version: All versions < V7.2
Siemens SCALANCE S615 Version: All versions < V7.2
Siemens SCALANCE S615 EEC Version: All versions < V7.2
Siemens SCALANCE SC622-2C Version: All versions < V2.3
Siemens SCALANCE SC626-2C Version: All versions < V2.3
Siemens SCALANCE SC632-2C Version: All versions < V2.3
Siemens SCALANCE SC636-2C Version: All versions < V2.3
Siemens SCALANCE SC642-2C Version: All versions < V2.3
Siemens SCALANCE SC646-2C Version: All versions < V2.3
Siemens SCALANCE W1748-1 M12 Version: All versions
Siemens SCALANCE W1748-1 M12 Version: All versions
Siemens SCALANCE W1788-1 M12 Version: All versions
Siemens SCALANCE W1788-2 EEC M12 Version: All versions
Siemens SCALANCE W1788-2 M12 Version: All versions
Siemens SCALANCE W1788-2IA M12 Version: All versions
Siemens SCALANCE W721-1 RJ45 Version: All versions
Siemens SCALANCE W721-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 (USA) Version: All versions
Siemens SCALANCE W738-1 M12 Version: All versions
Siemens SCALANCE W738-1 M12 Version: All versions
Siemens SCALANCE W748-1 M12 Version: All versions
Siemens SCALANCE W748-1 M12 Version: All versions
Siemens SCALANCE W748-1 RJ45 Version: All versions
Siemens SCALANCE W748-1 RJ45 Version: All versions
Siemens SCALANCE W761-1 RJ45 Version: All versions
Siemens SCALANCE W761-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 M12 EEC Version: All versions
Siemens SCALANCE W774-1 M12 EEC Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 (USA) Version: All versions
Siemens SCALANCE W778-1 M12 Version: All versions
Siemens SCALANCE W778-1 M12 Version: All versions
Siemens SCALANCE W778-1 M12 EEC Version: All versions
Siemens SCALANCE W778-1 M12 EEC (USA) Version: All versions
Siemens SCALANCE W786-1 RJ45 Version: All versions
Siemens SCALANCE W786-1 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 SFP Version: All versions
Siemens SCALANCE W786-2 SFP Version: All versions
Siemens SCALANCE W786-2IA RJ45 Version: All versions
Siemens SCALANCE W786-2IA RJ45 Version: All versions
Siemens SCALANCE W788-1 M12 Version: All versions
Siemens SCALANCE W788-1 M12 Version: All versions
Siemens SCALANCE W788-1 RJ45 Version: All versions
Siemens SCALANCE W788-1 RJ45 Version: All versions
Siemens SCALANCE W788-2 M12 Version: All versions
Siemens SCALANCE W788-2 M12 Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE WAM763-1 Version: All versions < V2.0
Siemens SCALANCE WAM766-1 (EU) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 (US) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 EEC (EU) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 EEC (US) Version: All versions < V2.0
Siemens SCALANCE WUM763-1 Version: All versions < V2.0
Siemens SCALANCE WUM763-1 Version: All versions < V2.0
Siemens SCALANCE WUM766-1 (EU) Version: All versions < V2.0
Siemens SCALANCE WUM766-1 (US) Version: All versions < V2.0
Siemens SCALANCE XB205-3 (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, PN) Version: All versions < V4.4
Siemens SCALANCE XB205-3LD (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3LD (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB208 (E/IP) Version: All versions < V4.4
Siemens SCALANCE XB208 (PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (ST, PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3LD (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3LD (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB216 (E/IP) Version: All versions < V4.4
Siemens SCALANCE XB216 (PN) Version: All versions < V4.4
Siemens SCALANCE XC206-2 (SC) Version: All versions < V4.4
Siemens SCALANCE XC206-2 (ST/BFOC) Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE EEC (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP EEC Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G (EIP DEF.) Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G EEC Version: All versions < V4.4
Siemens SCALANCE XC208 Version: All versions < V4.4
Siemens SCALANCE XC208EEC Version: All versions < V4.4
Siemens SCALANCE XC208G Version: All versions < V4.4
Siemens SCALANCE XC208G (EIP def.) Version: All versions < V4.4
Siemens SCALANCE XC208G EEC Version: All versions < V4.4
Siemens SCALANCE XC208G PoE Version: All versions < V4.4
Siemens SCALANCE XC208G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC216 Version: All versions < V4.4
Siemens SCALANCE XC216-3G PoE Version: All versions < V4.4
Siemens SCALANCE XC216-3G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC216-4C Version: All versions < V4.4
Siemens SCALANCE XC216-4C G Version: All versions < V4.4
Siemens SCALANCE XC216-4C G (EIP Def.) Version: All versions < V4.4
Siemens SCALANCE XC216-4C G EEC Version: All versions < V4.4
Siemens SCALANCE XC216EEC Version: All versions < V4.4
Siemens SCALANCE XC224 Version: All versions < V4.4
Siemens SCALANCE XC224-4C G Version: All versions < V4.4
Siemens SCALANCE XC224-4C G (EIP Def.) Version: All versions < V4.4
Siemens SCALANCE XC224-4C G EEC Version: All versions < V4.4
Siemens SCALANCE XF204 Version: All versions < V4.4
Siemens SCALANCE XF204 DNA Version: All versions < V4.4
Siemens SCALANCE XF204-2BA Version: All versions < V4.4
Siemens SCALANCE XF204-2BA DNA Version: All versions < V4.4
Siemens SCALANCE XM408-4C Version: All versions < V6.6
Siemens SCALANCE XM408-4C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XM408-8C Version: All versions < V6.6
Siemens SCALANCE XM408-8C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XM416-4C Version: All versions < V6.6
Siemens SCALANCE XM416-4C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XP208 Version: All versions < V4.4
Siemens SCALANCE XP208 (Ethernet/IP) Version: All versions < V4.4
Siemens SCALANCE XP208EEC Version: All versions < V4.4
Siemens SCALANCE XP208PoE EEC Version: All versions < V4.4
Siemens SCALANCE XP216 Version: All versions < V4.4
Siemens SCALANCE XP216 (Ethernet/IP) Version: All versions < V4.4
Siemens SCALANCE XP216EEC Version: All versions < V4.4
Siemens SCALANCE XP216POE EEC Version: All versions < V4.4
Siemens SCALANCE XR324WG (24 x FE, AC 230V) Version: All versions < V4.4
Siemens SCALANCE XR324WG (24 X FE, DC 24V) Version: All versions < V4.4
Siemens SCALANCE XR326-2C PoE WG Version: All versions < V4.4
Siemens SCALANCE XR326-2C PoE WG (without UL) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (28xGE, AC 230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (28xGE, DC 24V) Version: All versions < V4.4
Siemens SCALANCE XR524-8C, 1x230V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 1x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 24V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 24V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 2x230V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 2x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 1x230V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 1x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 24V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 24V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 2x230V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 2x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR528-6M Version: All versions < V6.6
Siemens SCALANCE XR528-6M (2HR2, L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR528-6M (2HR2) Version: All versions < V6.6
Siemens SCALANCE XR528-6M (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR552-12M Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2, L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2) Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2) Version: All versions < V6.6
Siemens SIPLUS NET SCALANCE XC206-2 Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC206-2SFP Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC208 Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC216-4C Version: All versions < V4.4
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T14:24:03.297Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (EVDO)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC622-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC626-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC632-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC636-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC642-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC646-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2 EEC M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2IA M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W721-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W721-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45 (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W738-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W738-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W761-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W761-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45 (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12 EEC (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2IA RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2IA RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3LD (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3LD (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB208 (E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB208 (PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (ST, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3LD (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3LD (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB216 (E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB216 (PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2 (SC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2 (ST/BFOC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE EEC (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G (EIP DEF.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G (EIP def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-3G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-3G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G (EIP Def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G (EIP Def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204 DNA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA DNA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-4C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-8C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-8C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM416-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM416-4C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208 (Ethernet/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208PoE EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216 (Ethernet/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216POE EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324WG (24 x FE, AC 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324WG (24 X FE, DC 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR326-2C PoE WG",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR326-2C PoE WG (without UL)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (28xGE, AC 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (28xGE, DC 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 1x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 1x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 24V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 24V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 2x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 2x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 1x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 1x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 24V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 24V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 2x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 2x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (2HR2, L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2, L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC206-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC206-2SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC216-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-327",
              "description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-10T10:21:07.520Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-46140",
    "datePublished": "2022-12-13T00:00:00",
    "dateReserved": "2022-11-28T00:00:00",
    "dateUpdated": "2024-08-03T14:24:03.297Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-34821
Vulnerability from cvelistv5
Published
2022-07-12 00:00
Modified
2024-08-03 09:22
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.2), SCALANCE M804PB (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.2), SCALANCE M874-2 (All versions < V7.2), SCALANCE M874-3 (All versions < V7.2), SCALANCE M876-3 (EVDO) (All versions < V7.2), SCALANCE M876-3 (ROK) (All versions < V7.2), SCALANCE M876-4 (All versions < V7.2), SCALANCE M876-4 (EU) (All versions < V7.2), SCALANCE M876-4 (NAM) (All versions < V7.2), SCALANCE MUM853-1 (EU) (All versions < V7.2), SCALANCE MUM856-1 (EU) (All versions < V7.2), SCALANCE MUM856-1 (RoW) (All versions < V7.2), SCALANCE S615 (All versions < V7.2), SCALANCE S615 EEC (All versions < V7.2), SCALANCE SC622-2C (All versions < V2.3), SCALANCE SC622-2C (All versions >= V2.3 < V3.0), SCALANCE SC626-2C (All versions < V2.3), SCALANCE SC626-2C (All versions >= V2.3 < V3.0), SCALANCE SC632-2C (All versions < V2.3), SCALANCE SC632-2C (All versions >= V2.3 < V3.0), SCALANCE SC636-2C (All versions < V2.3), SCALANCE SC636-2C (All versions >= V2.3 < V3.0), SCALANCE SC642-2C (All versions < V2.3), SCALANCE SC642-2C (All versions >= V2.3 < V3.0), SCALANCE SC646-2C (All versions < V2.3), SCALANCE SC646-2C (All versions >= V2.3 < V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.
Impacted products
Vendor Product Version
Siemens RUGGEDCOM RM1224 LTE(4G) NAM Version: All versions < V7.2
Siemens SCALANCE M804PB Version: All versions < V7.2
Siemens SCALANCE M812-1 ADSL-Router (Annex A) Version: All versions < V7.2
Siemens SCALANCE M812-1 ADSL-Router (Annex B) Version: All versions < V7.2
Siemens SCALANCE M816-1 ADSL-Router (Annex A) Version: All versions < V7.2
Siemens SCALANCE M816-1 ADSL-Router (Annex B) Version: All versions < V7.2
Siemens SCALANCE M826-2 SHDSL-Router Version: All versions < V7.2
Siemens SCALANCE M874-2 Version: All versions < V7.2
Siemens SCALANCE M874-3 Version: All versions < V7.2
Siemens SCALANCE M876-3 (EVDO) Version: All versions < V7.2
Siemens SCALANCE M876-3 (ROK) Version: All versions < V7.2
Siemens SCALANCE M876-4 Version: All versions < V7.2
Siemens SCALANCE M876-4 (EU) Version: All versions < V7.2
Siemens SCALANCE M876-4 (NAM) Version: All versions < V7.2
Siemens SCALANCE MUM853-1 (EU) Version: All versions < V7.2
Siemens SCALANCE MUM856-1 (EU) Version: All versions < V7.2
Siemens SCALANCE MUM856-1 (RoW) Version: All versions < V7.2
Siemens SCALANCE S615 Version: All versions < V7.2
Siemens SCALANCE S615 EEC Version: All versions < V7.2
Siemens SCALANCE SC622-2C Version: All versions < V2.3
Siemens SCALANCE SC622-2C Version: All versions >= V2.3 < V3.0
Siemens SCALANCE SC626-2C Version: All versions < V2.3
Siemens SCALANCE SC626-2C Version: All versions >= V2.3 < V3.0
Siemens SCALANCE SC632-2C Version: All versions < V2.3
Siemens SCALANCE SC632-2C Version: All versions >= V2.3 < V3.0
Siemens SCALANCE SC636-2C Version: All versions < V2.3
Siemens SCALANCE SC636-2C Version: All versions >= V2.3 < V3.0
Siemens SCALANCE SC642-2C Version: All versions < V2.3
Siemens SCALANCE SC642-2C Version: All versions >= V2.3 < V3.0
Siemens SCALANCE SC646-2C Version: All versions < V2.3
Siemens SCALANCE SC646-2C Version: All versions >= V2.3 < V3.0
Siemens SCALANCE WAM763-1 Version: All versions
Siemens SCALANCE WAM766-1 (EU) Version: All versions
Siemens SCALANCE WAM766-1 (US) Version: All versions
Siemens SCALANCE WAM766-1 EEC (EU) Version: All versions
Siemens SCALANCE WAM766-1 EEC (US) Version: All versions
Siemens SCALANCE WUM763-1 Version: All versions
Siemens SCALANCE WUM763-1 Version: All versions
Siemens SCALANCE WUM766-1 (EU) Version: All versions
Siemens SCALANCE WUM766-1 (US) Version: All versions
Siemens SIMATIC CP 1242-7 V2 Version: All versions < V3.3.46
Siemens SIMATIC CP 1243-1 Version: All versions < V3.3.46
Siemens SIMATIC CP 1243-7 LTE EU Version: All versions < V3.3.46
Siemens SIMATIC CP 1243-7 LTE US Version: All versions < V3.3.46
Siemens SIMATIC CP 1243-8 IRC Version: All versions < V3.3.46
Siemens SIMATIC CP 1542SP-1 IRC Version: All versions >= V2.0 < V2.2.28
Siemens SIMATIC CP 1543-1 Version: All versions < V3.0.22
Siemens SIMATIC CP 1543SP-1 Version: All versions >= V2.0 < V2.2.28
Siemens SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL Version: All versions >= V2.0 < V2.2.28
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC Version: All versions >= V2.0 < V2.2.28
Siemens SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL Version: All versions >= V2.0 < V2.2.28
Siemens SIPLUS NET CP 1242-7 V2 Version: All versions < V3.3.46
Siemens SIPLUS NET CP 1543-1 Version: All versions < V3.0.22
Siemens SIPLUS S7-1200 CP 1243-1 Version: All versions < V3.3.46
Siemens SIPLUS S7-1200 CP 1243-1 RAIL Version: All versions < V3.3.46
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T09:22:10.733Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (EVDO)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC622-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC622-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC626-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC626-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC632-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC632-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC636-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC636-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC642-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC642-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC646-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC646-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.3 \u003c V3.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1242-7 V2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-7 LTE EU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-7 LTE US",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1243-8 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1542SP-1 IRC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.0 \u003c V2.2.28"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0.22"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIMATIC CP 1543SP-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.0 \u003c V2.2.28"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.0 \u003c V2.2.28"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.0 \u003c V2.2.28"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003e= V2.0 \u003c V2.2.28"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 1242-7 V2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET CP 1543-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.0.22"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-1200 CP 1243-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS S7-1200 CP 1243-1 RAIL",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V3.3.46"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.2), SCALANCE M804PB (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.2), SCALANCE M874-2 (All versions \u003c V7.2), SCALANCE M874-3 (All versions \u003c V7.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.2), SCALANCE M876-4 (All versions \u003c V7.2), SCALANCE M876-4 (EU) (All versions \u003c V7.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.2), SCALANCE S615 (All versions \u003c V7.2), SCALANCE S615 EEC (All versions \u003c V7.2), SCALANCE SC622-2C (All versions \u003c V2.3), SCALANCE SC622-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC626-2C (All versions \u003c V2.3), SCALANCE SC626-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC632-2C (All versions \u003c V2.3), SCALANCE SC632-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC636-2C (All versions \u003c V2.3), SCALANCE SC636-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC642-2C (All versions \u003c V2.3), SCALANCE SC642-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC646-2C (All versions \u003c V2.3), SCALANCE SC646-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-10T10:20:57.022Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-34821",
    "datePublished": "2022-07-12T00:00:00",
    "dateReserved": "2022-06-29T00:00:00",
    "dateUpdated": "2024-08-03T09:22:10.733Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-46143
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-08-13 07:50
Summary
Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data.
Impacted products
Vendor Product Version
Siemens RUGGEDCOM RM1224 LTE(4G) EU Version: 0   < V8.0
Siemens RUGGEDCOM RM1224 LTE(4G) NAM Version: 0   < V7.2
Siemens RUGGEDCOM RM1224 LTE(4G) NAM Version: 0   < V8.0
Siemens SCALANCE M804PB Version: 0   < V7.2
Siemens SCALANCE M804PB Version: 0   < V8.0
Siemens SCALANCE M812-1 ADSL-Router Version: 0   < V7.2
Siemens SCALANCE M812-1 ADSL-Router Version: 0   < V8.0
Siemens SCALANCE M812-1 ADSL-Router Version: 0   < V7.2
Siemens SCALANCE M812-1 ADSL-Router Version: 0   < V8.0
Siemens SCALANCE M816-1 ADSL-Router Version: 0   < V7.2
Siemens SCALANCE M816-1 ADSL-Router Version: 0   < V8.0
Siemens SCALANCE M816-1 ADSL-Router Version: 0   < V7.2
Siemens SCALANCE M816-1 ADSL-Router Version: 0   < V8.0
Siemens SCALANCE M826-2 SHDSL-Router Version: 0   < V7.2
Siemens SCALANCE M826-2 SHDSL-Router Version: 0   < V8.0
Siemens SCALANCE M874-2 Version: 0   < V7.2
Siemens SCALANCE M874-2 Version: 0   < V8.0
Siemens SCALANCE M874-3 Version: 0   < V7.2
Siemens SCALANCE M874-3 Version: 0   < V8.0
Siemens SCALANCE M876-3 Version: 0   < V7.2
Siemens SCALANCE M876-3 Version: 0   < V8.0
Siemens SCALANCE M876-3 (ROK) Version: 0   < V7.2
Siemens SCALANCE M876-3 (ROK) Version: 0   < V8.0
Siemens SCALANCE M876-4 Version: 0   < V7.2
Siemens SCALANCE M876-4 Version: 0   < V8.0
Siemens SCALANCE M876-4 (EU) Version: 0   < V7.2
Siemens SCALANCE M876-4 (EU) Version: 0   < V8.0
Siemens SCALANCE M876-4 (NAM) Version: 0   < V7.2
Siemens SCALANCE M876-4 (NAM) Version: 0   < V8.0
Siemens SCALANCE MUM853-1 (EU) Version: 0   < V7.2
Siemens SCALANCE MUM853-1 (EU) Version: 0   < V8.0
Siemens SCALANCE MUM856-1 (EU) Version: 0   < V7.2
Siemens SCALANCE MUM856-1 (EU) Version: 0   < V8.0
Siemens SCALANCE MUM856-1 (RoW) Version: 0   < V7.2
Siemens SCALANCE MUM856-1 (RoW) Version: 0   < V8.0
Siemens SCALANCE S615 EEC LAN-Router Version: 0   < V7.2
Siemens SCALANCE S615 EEC LAN-Router Version: 0   < V8.0
Siemens SCALANCE S615 LAN-Router Version: 0   < V7.2
Siemens SCALANCE S615 LAN-Router Version: 0   < V8.0
Siemens SCALANCE SC622-2C Version: 0   < V2.3
Siemens SCALANCE SC622-2C Version: V2.3   < V3.0
Siemens SCALANCE SC626-2C Version: 0   < V2.3
Siemens SCALANCE SC626-2C Version: V2.3   < V3.0
Siemens SCALANCE SC632-2C Version: 0   < V2.3
Siemens SCALANCE SC632-2C Version: V2.3   < V3.0
Siemens SCALANCE SC636-2C Version: 0   < V2.3
Siemens SCALANCE SC636-2C Version: V2.3   < V3.0
Siemens SCALANCE SC642-2C Version: 0   < V2.3
Siemens SCALANCE SC642-2C Version: V2.3   < V3.0
Siemens SCALANCE SC646-2C Version: 0   < V2.3
Siemens SCALANCE SC646-2C Version: V2.3   < V3.0
Siemens SCALANCE W1748-1 M12 Version: 0   < *
Siemens SCALANCE W1748-1 M12 Version: 0   < *
Siemens SCALANCE W1788-1 M12 Version: 0   < *
Siemens SCALANCE W1788-2 EEC M12 Version: 0   < *
Siemens SCALANCE W1788-2 M12 Version: 0   < *
Siemens SCALANCE W1788-2IA M12 Version: 0   < *
Siemens SCALANCE W721-1 RJ45 Version: 0   < *
Siemens SCALANCE W721-1 RJ45 Version: 0   < *
Siemens SCALANCE W722-1 RJ45 Version: 0   < *
Siemens SCALANCE W722-1 RJ45 Version: 0   < *
Siemens SCALANCE W722-1 RJ45 Version: 0   < *
Siemens SCALANCE W734-1 RJ45 Version: 0   < *
Siemens SCALANCE W734-1 RJ45 Version: 0   < *
Siemens SCALANCE W734-1 RJ45 Version: 0   < *
Siemens SCALANCE W734-1 RJ45 (USA) Version: 0   < *
Siemens SCALANCE W738-1 M12 Version: 0   < *
Siemens SCALANCE W738-1 M12 Version: 0   < *
Siemens SCALANCE W748-1 M12 Version: 0   < *
Siemens SCALANCE W748-1 M12 Version: 0   < *
Siemens SCALANCE W748-1 RJ45 Version: 0   < *
Siemens SCALANCE W748-1 RJ45 Version: 0   < *
Siemens SCALANCE W761-1 RJ45 Version: 0   < *
Siemens SCALANCE W761-1 RJ45 Version: 0   < *
Siemens SCALANCE W774-1 M12 EEC Version: 0   < *
Siemens SCALANCE W774-1 M12 EEC Version: 0   < *
Siemens SCALANCE W774-1 RJ45 Version: 0   < *
Siemens SCALANCE W774-1 RJ45 Version: 0   < *
Siemens SCALANCE W774-1 RJ45 Version: 0   < *
Siemens SCALANCE W774-1 RJ45 Version: 0   < *
Siemens SCALANCE W774-1 RJ45 (USA) Version: 0   < *
Siemens SCALANCE W778-1 M12 Version: 0   < *
Siemens SCALANCE W778-1 M12 Version: 0   < *
Siemens SCALANCE W778-1 M12 EEC Version: 0   < *
Siemens SCALANCE W778-1 M12 EEC (USA) Version: 0   < *
Siemens SCALANCE W786-1 RJ45 Version: 0   < *
Siemens SCALANCE W786-1 RJ45 Version: 0   < *
Siemens SCALANCE W786-2 RJ45 Version: 0   < *
Siemens SCALANCE W786-2 RJ45 Version: 0   < *
Siemens SCALANCE W786-2 RJ45 Version: 0   < *
Siemens SCALANCE W786-2 SFP Version: 0   < *
Siemens SCALANCE W786-2 SFP Version: 0   < *
Siemens SCALANCE W786-2IA RJ45 Version: 0   < *
Siemens SCALANCE W786-2IA RJ45 Version: 0   < *
Siemens SCALANCE W788-1 M12 Version: 0   < *
Siemens SCALANCE W788-1 M12 Version: 0   < *
Siemens SCALANCE W788-1 RJ45 Version: 0   < *
Siemens SCALANCE W788-1 RJ45 Version: 0   < *
Siemens SCALANCE W788-2 M12 Version: 0   < *
Siemens SCALANCE W788-2 M12 Version: 0   < *
Siemens SCALANCE W788-2 M12 EEC Version: 0   < *
Siemens SCALANCE W788-2 M12 EEC Version: 0   < *
Siemens SCALANCE W788-2 M12 EEC Version: 0   < *
Siemens SCALANCE W788-2 RJ45 Version: 0   < *
Siemens SCALANCE W788-2 RJ45 Version: 0   < *
Siemens SCALANCE W788-2 RJ45 Version: 0   < *
Siemens SCALANCE WAM763-1 Version: 0   < V2.0
Siemens SCALANCE WAM766-1 (EU) Version: 0   < V2.0
Siemens SCALANCE WAM766-1 (US) Version: 0   < V2.0
Siemens SCALANCE WAM766-1 EEC (EU) Version: 0   < V2.0
Siemens SCALANCE WAM766-1 EEC (US) Version: 0   < V2.0
Siemens SCALANCE WUM763-1 Version: 0   < V2.0
Siemens SCALANCE WUM763-1 Version: 0   < V2.0
Siemens SCALANCE WUM766-1 (EU) Version: 0   < V2.0
Siemens SCALANCE WUM766-1 (US) Version: 0   < V2.0
Siemens SCALANCE XB205-3 (SC, PN) Version: 0   < V4.4
Siemens SCALANCE XB205-3 (ST, E/IP) Version: 0   < V4.4
Siemens SCALANCE XB205-3 (ST, E/IP) Version: 0   < V4.4
Siemens SCALANCE XB205-3 (ST, PN) Version: 0   < V4.4
Siemens SCALANCE XB205-3LD (SC, E/IP) Version: 0   < V4.4
Siemens SCALANCE XB205-3LD (SC, PN) Version: 0   < V4.4
Siemens SCALANCE XB208 (E/IP) Version: 0   < V4.4
Siemens SCALANCE XB208 (PN) Version: 0   < V4.4
Siemens SCALANCE XB213-3 (SC, E/IP) Version: 0   < V4.4
Siemens SCALANCE XB213-3 (SC, PN) Version: 0   < V4.4
Siemens SCALANCE XB213-3 (ST, E/IP) Version: 0   < V4.4
Siemens SCALANCE XB213-3 (ST, PN) Version: 0   < V4.4
Siemens SCALANCE XB213-3LD (SC, E/IP) Version: 0   < V4.4
Siemens SCALANCE XB213-3LD (SC, PN) Version: 0   < V4.4
Siemens SCALANCE XB216 (E/IP) Version: 0   < V4.4
Siemens SCALANCE XB216 (PN) Version: 0   < V4.4
Siemens SCALANCE XC206-2 (SC) Version: 0   < V4.4
Siemens SCALANCE XC206-2 (ST/BFOC) Version: 0   < V4.4
Siemens SCALANCE XC206-2G PoE Version: 0   < V4.4
Siemens SCALANCE XC206-2G PoE (54 V DC) Version: 0   < V4.4
Siemens SCALANCE XC206-2G PoE EEC (54 V DC) Version: 0   < V4.4
Siemens SCALANCE XC206-2SFP Version: 0   < V4.4
Siemens SCALANCE XC206-2SFP EEC Version: 0   < V4.4
Siemens SCALANCE XC206-2SFP G Version: 0   < V4.4
Siemens SCALANCE XC206-2SFP G (EIP DEF.) Version: 0   < V4.4
Siemens SCALANCE XC206-2SFP G EEC Version: 0   < V4.4
Siemens SCALANCE XC208 Version: 0   < V4.4
Siemens SCALANCE XC208EEC Version: 0   < V4.4
Siemens SCALANCE XC208G Version: 0   < V4.4
Siemens SCALANCE XC208G (EIP def.) Version: 0   < V4.4
Siemens SCALANCE XC208G EEC Version: 0   < V4.4
Siemens SCALANCE XC208G PoE Version: 0   < V4.4
Siemens SCALANCE XC208G PoE (54 V DC) Version: 0   < V4.4
Siemens SCALANCE XC216 Version: 0   < V4.4
Siemens SCALANCE XC216-3G PoE Version: 0   < V4.4
Siemens SCALANCE XC216-3G PoE (54 V DC) Version: 0   < V4.4
Siemens SCALANCE XC216-4C Version: 0   < V4.4
Siemens SCALANCE XC216-4C G Version: 0   < V4.4
Siemens SCALANCE XC216-4C G (EIP Def.) Version: 0   < V4.4
Siemens SCALANCE XC216-4C G EEC Version: 0   < V4.4
Siemens SCALANCE XC216EEC Version: 0   < V4.4
Siemens SCALANCE XC224 Version: 0   < V4.4
Siemens SCALANCE XC224-4C G Version: 0   < V4.4
Siemens SCALANCE XC224-4C G (EIP Def.) Version: 0   < V4.4
Siemens SCALANCE XC224-4C G EEC Version: 0   < V4.4
Siemens SCALANCE XF204 Version: 0   < V4.4
Siemens SCALANCE XF204 DNA Version: 0   < V4.4
Siemens SCALANCE XF204-2BA Version: 0   < V4.4
Siemens SCALANCE XF204-2BA DNA Version: 0   < V4.4
Siemens SCALANCE XM408-4C Version: 0   < V6.6
Siemens SCALANCE XM408-4C (L3 int.) Version: 0   < V6.6
Siemens SCALANCE XM408-8C Version: 0   < V6.6
Siemens SCALANCE XM408-8C (L3 int.) Version: 0   < V6.6
Siemens SCALANCE XM416-4C Version: 0   < V6.6
Siemens SCALANCE XM416-4C (L3 int.) Version: 0   < V6.6
Siemens SCALANCE XP208 Version: 0   < V4.4
Siemens SCALANCE XP208 (Ethernet/IP) Version: 0   < V4.4
Siemens SCALANCE XP208EEC Version: 0   < V4.4
Siemens SCALANCE XP208PoE EEC Version: 0   < V4.4
Siemens SCALANCE XP216 Version: 0   < V4.4
Siemens SCALANCE XP216 (Ethernet/IP) Version: 0   < V4.4
Siemens SCALANCE XP216EEC Version: 0   < V4.4
Siemens SCALANCE XP216POE EEC Version: 0   < V4.4
Siemens SCALANCE XR324WG (24 x FE, AC 230V) Version: 0   < V4.4
Siemens SCALANCE XR324WG (24 X FE, DC 24V) Version: 0   < V4.4
Siemens SCALANCE XR326-2C PoE WG Version: 0   < V4.4
Siemens SCALANCE XR326-2C PoE WG (without UL) Version: 0   < V4.4
Siemens SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) Version: 0   < V4.4
Siemens SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) Version: 0   < V4.4
Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) Version: 0   < V4.4
Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) Version: 0   < V4.4
Siemens SCALANCE XR328-4C WG (28xGE, AC 230V) Version: 0   < V4.4
Siemens SCALANCE XR328-4C WG (28xGE, DC 24V) Version: 0   < V4.4
Siemens SCALANCE XR524-8C, 1x230V Version: 0   < V6.6
Siemens SCALANCE XR524-8C, 1x230V (L3 int.) Version: 0   < V6.6
Siemens SCALANCE XR524-8C, 24V Version: 0   < V6.6
Siemens SCALANCE XR524-8C, 24V (L3 int.) Version: 0   < V6.6
Siemens SCALANCE XR524-8C, 2x230V Version: 0   < V6.6
Siemens SCALANCE XR524-8C, 2x230V (L3 int.) Version: 0   < V6.6
Siemens SCALANCE XR526-8C, 1x230V Version: 0   < V6.6
Siemens SCALANCE XR526-8C, 1x230V (L3 int.) Version: 0   < V6.6
Siemens SCALANCE XR526-8C, 24V Version: 0   < V6.6
Siemens SCALANCE XR526-8C, 24V (L3 int.) Version: 0   < V6.6
Siemens SCALANCE XR526-8C, 2x230V Version: 0   < V6.6
Siemens SCALANCE XR526-8C, 2x230V (L3 int.) Version: 0   < V6.6
Siemens SCALANCE XR528-6M Version: 0   < V6.6
Siemens SCALANCE XR528-6M (2HR2, L3 int.) Version: 0   < V6.6
Siemens SCALANCE XR528-6M (2HR2) Version: 0   < V6.6
Siemens SCALANCE XR528-6M (L3 int.) Version: 0   < V6.6
Siemens SCALANCE XR552-12M Version: 0   < V6.6
Siemens SCALANCE XR552-12M (2HR2, L3 int.) Version: 0   < V6.6
Siemens SCALANCE XR552-12M (2HR2) Version: 0   < V6.6
Siemens SCALANCE XR552-12M (2HR2) Version: 0   < V6.6
Siemens SIPLUS NET SCALANCE XC206-2 Version: 0   < V4.4
Siemens SIPLUS NET SCALANCE XC206-2SFP Version: 0   < V4.4
Siemens SIPLUS NET SCALANCE XC208 Version: 0   < V4.4
Siemens SIPLUS NET SCALANCE XC216-4C Version: 0   < V4.4
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T14:24:03.372Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 EEC LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 EEC LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V7.2",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615 LAN-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V8.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC622-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC622-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "V2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC626-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC626-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "V2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC632-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC632-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "V2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC636-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC636-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "V2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC642-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC642-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "V2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC646-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC646-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "V2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2 EEC M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2IA M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W721-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W721-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45 (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W738-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W738-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W761-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W761-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45 (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12 EEC (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2IA RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2IA RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3LD (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3LD (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB208 (E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB208 (PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (ST, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3LD (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3LD (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB216 (E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB216 (PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2 (SC)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2 (ST/BFOC)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE EEC (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G (EIP DEF.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G (EIP def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-3G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-3G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G (EIP Def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G (EIP Def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204 DNA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA DNA",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-4C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-8C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-8C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM416-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM416-4C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208 (Ethernet/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208PoE EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216 (Ethernet/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216POE EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324WG (24 x FE, AC 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324WG (24 X FE, DC 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR326-2C PoE WG",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR326-2C PoE WG (without UL)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (28xGE, AC 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (28xGE, DC 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 1x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 1x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 24V",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 24V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 2x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 2x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 1x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 1x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 24V",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 24V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 2x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 2x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (2HR2, L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2, L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V6.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC206-2",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC206-2SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC208",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC216-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V4.4",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 2.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1284",
              "description": "CWE-1284: Improper Validation of Specified Quantity in Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-13T07:50:25.824Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-413565.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-46143",
    "datePublished": "2022-12-13T00:00:00",
    "dateReserved": "2022-11-28T00:00:00",
    "dateUpdated": "2024-08-13T07:50:25.824Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-36324
Vulnerability from cvelistv5
Published
2022-08-10 11:18
Modified
2024-08-03 10:00
Summary
Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack.
Impacted products
Vendor Product Version
Siemens RUGGEDCOM RM1224 LTE(4G) NAM Version: All versions < V7.1.2
Siemens SCALANCE M804PB Version: All versions < V7.1.2
Siemens SCALANCE M812-1 ADSL-Router (Annex A) Version: All versions < V7.1.2
Siemens SCALANCE M812-1 ADSL-Router (Annex B) Version: All versions < V7.1.2
Siemens SCALANCE M816-1 ADSL-Router (Annex A) Version: All versions < V7.1.2
Siemens SCALANCE M816-1 ADSL-Router (Annex B) Version: All versions < V7.1.2
Siemens SCALANCE M826-2 SHDSL-Router Version: All versions < V7.1.2
Siemens SCALANCE M874-2 Version: All versions < V7.1.2
Siemens SCALANCE M874-3 Version: All versions < V7.1.2
Siemens SCALANCE M876-3 (EVDO) Version: All versions < V7.1.2
Siemens SCALANCE M876-3 (ROK) Version: All versions < V7.1.2
Siemens SCALANCE M876-4 (EU) Version: All versions < V7.1.2
Siemens SCALANCE M876-4 (NAM) Version: All versions < V7.1.2
Siemens SCALANCE MUM853-1 (EU) Version: All versions < V7.1.2
Siemens SCALANCE MUM856-1 (EU) Version: All versions < V7.1.2
Siemens SCALANCE MUM856-1 (RoW) Version: All versions < V7.1.2
Siemens SCALANCE S615 Version: All versions < V7.1.2
Siemens SCALANCE SC622-2C Version: All versions < V2.3.1
Siemens SCALANCE SC626-2C Version: All versions < V2.3.1
Siemens SCALANCE SC632-2C Version: All versions < V2.3.1
Siemens SCALANCE SC636-2C Version: All versions < V2.3.1
Siemens SCALANCE SC642-2C Version: All versions < V2.3.1
Siemens SCALANCE SC646-2C Version: All versions < V2.3.1
Siemens SCALANCE W1748-1 M12 Version: All versions
Siemens SCALANCE W1748-1 M12 Version: All versions
Siemens SCALANCE W1788-1 M12 Version: All versions
Siemens SCALANCE W1788-2 EEC M12 Version: All versions
Siemens SCALANCE W1788-2 M12 Version: All versions
Siemens SCALANCE W1788-2IA M12 Version: All versions
Siemens SCALANCE W721-1 RJ45 Version: All versions
Siemens SCALANCE W721-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 (USA) Version: All versions
Siemens SCALANCE W738-1 M12 Version: All versions
Siemens SCALANCE W738-1 M12 Version: All versions
Siemens SCALANCE W748-1 M12 Version: All versions
Siemens SCALANCE W748-1 M12 Version: All versions
Siemens SCALANCE W748-1 RJ45 Version: All versions
Siemens SCALANCE W748-1 RJ45 Version: All versions
Siemens SCALANCE W761-1 RJ45 Version: All versions
Siemens SCALANCE W761-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 M12 EEC Version: All versions
Siemens SCALANCE W774-1 M12 EEC Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 (USA) Version: All versions
Siemens SCALANCE W778-1 M12 Version: All versions
Siemens SCALANCE W778-1 M12 Version: All versions
Siemens SCALANCE W778-1 M12 EEC Version: All versions
Siemens SCALANCE W778-1 M12 EEC (USA) Version: All versions
Siemens SCALANCE W786-1 RJ45 Version: All versions
Siemens SCALANCE W786-1 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 SFP Version: All versions
Siemens SCALANCE W786-2 SFP Version: All versions
Siemens SCALANCE W786-2IA RJ45 Version: All versions
Siemens SCALANCE W786-2IA RJ45 Version: All versions
Siemens SCALANCE W788-1 M12 Version: All versions
Siemens SCALANCE W788-1 M12 Version: All versions
Siemens SCALANCE W788-1 RJ45 Version: All versions
Siemens SCALANCE W788-1 RJ45 Version: All versions
Siemens SCALANCE W788-2 M12 Version: All versions
Siemens SCALANCE W788-2 M12 Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE WAM763-1 Version: All versions < V2.0
Siemens SCALANCE WAM766-1 (EU) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 (US) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 EEC (EU) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 EEC (US) Version: All versions < V2.0
Siemens SCALANCE WUM763-1 Version: All versions < V2.0
Siemens SCALANCE WUM763-1 Version: All versions < V2.0
Siemens SCALANCE WUM766-1 (EU) Version: All versions < V2.0
Siemens SCALANCE WUM766-1 (US) Version: All versions < V2.0
Siemens SCALANCE XB205-3 (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, PN) Version: All versions < V4.4
Siemens SCALANCE XB205-3LD (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3LD (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB208 (E/IP) Version: All versions < V4.4
Siemens SCALANCE XB208 (PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (ST, PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3LD (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3LD (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB216 (E/IP) Version: All versions < V4.4
Siemens SCALANCE XB216 (PN) Version: All versions < V4.4
Siemens SCALANCE XC206-2 (SC) Version: All versions < V4.4
Siemens SCALANCE XC206-2 (ST/BFOC) Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE EEC (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP EEC Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G (EIP DEF.) Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G EEC Version: All versions < V4.4
Siemens SCALANCE XC208 Version: All versions < V4.4
Siemens SCALANCE XC208EEC Version: All versions < V4.4
Siemens SCALANCE XC208G Version: All versions < V4.4
Siemens SCALANCE XC208G (EIP def.) Version: All versions < V4.4
Siemens SCALANCE XC208G EEC Version: All versions < V4.4
Siemens SCALANCE XC208G PoE Version: All versions < V4.4
Siemens SCALANCE XC208G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC216 Version: All versions < V4.4
Siemens SCALANCE XC216-3G PoE Version: All versions < V4.4
Siemens SCALANCE XC216-3G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC216-4C Version: All versions < V4.4
Siemens SCALANCE XC216-4C G Version: All versions < V4.4
Siemens SCALANCE XC216-4C G (EIP Def.) Version: All versions < V4.4
Siemens SCALANCE XC216-4C G EEC Version: All versions < V4.4
Siemens SCALANCE XC216EEC Version: All versions < V4.4
Siemens SCALANCE XC224 Version: All versions < V4.4
Siemens SCALANCE XC224-4C G Version: All versions < V4.4
Siemens SCALANCE XC224-4C G (EIP Def.) Version: All versions < V4.4
Siemens SCALANCE XC224-4C G EEC Version: All versions < V4.4
Siemens SCALANCE XF204 Version: All versions < V4.4
Siemens SCALANCE XF204 DNA Version: All versions < V4.4
Siemens SCALANCE XF204-2BA Version: All versions < V4.4
Siemens SCALANCE XF204-2BA DNA Version: All versions < V4.4
Siemens SCALANCE XM408-4C Version: All versions < V6.6
Siemens SCALANCE XM408-4C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XM408-8C Version: All versions < V6.6
Siemens SCALANCE XM408-8C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XM416-4C Version: All versions < V6.6
Siemens SCALANCE XM416-4C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XP208 Version: All versions < V4.4
Siemens SCALANCE XP208 (Ethernet/IP) Version: All versions < V4.4
Siemens SCALANCE XP208EEC Version: All versions < V4.4
Siemens SCALANCE XP208PoE EEC Version: All versions < V4.4
Siemens SCALANCE XP216 Version: All versions < V4.4
Siemens SCALANCE XP216 (Ethernet/IP) Version: All versions < V4.4
Siemens SCALANCE XP216EEC Version: All versions < V4.4
Siemens SCALANCE XP216POE EEC Version: All versions < V4.4
Siemens SCALANCE XR324WG (24 x FE, AC 230V) Version: All versions < V4.4
Siemens SCALANCE XR324WG (24 X FE, DC 24V) Version: All versions < V4.4
Siemens SCALANCE XR326-2C PoE WG Version: All versions < V4.4
Siemens SCALANCE XR326-2C PoE WG (without UL) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (28xGE, AC 230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (28xGE, DC 24V) Version: All versions < V4.4
Siemens SCALANCE XR524-8C, 1x230V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 1x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 24V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 24V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 2x230V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 2x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 1x230V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 1x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 24V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 24V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 2x230V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 2x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR528-6M Version: All versions < V6.6
Siemens SCALANCE XR528-6M (2HR2, L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR528-6M (2HR2) Version: All versions < V6.6
Siemens SCALANCE XR528-6M (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR552-12M Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2, L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2) Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2) Version: All versions < V6.6
Siemens SIPLUS NET SCALANCE XC206-2 Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC206-2SFP Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC208 Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC216-4C Version: All versions < V4.4
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:00:04.354Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (EVDO)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC622-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC626-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC632-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC636-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC642-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC646-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2 EEC M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2IA M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W721-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W721-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45 (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W738-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W738-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W761-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W761-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45 (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12 EEC (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2IA RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2IA RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3LD (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3LD (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB208 (E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB208 (PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (ST, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3LD (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3LD (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB216 (E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB216 (PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2 (SC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2 (ST/BFOC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE EEC (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G (EIP DEF.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G (EIP def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-3G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-3G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G (EIP Def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G (EIP Def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204 DNA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA DNA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-4C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-8C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-8C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM416-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM416-4C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208 (Ethernet/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208PoE EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216 (Ethernet/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216POE EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324WG (24 x FE, AC 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324WG (24 X FE, DC 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR326-2C PoE WG",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR326-2C PoE WG (without UL)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (28xGE, AC 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (28xGE, DC 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 1x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 1x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 24V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 24V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 2x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 2x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 1x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 1x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 24V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 24V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 2x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 2x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (2HR2, L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2, L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC206-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC206-2SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC216-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attacker to bypass the TCP brute force prevention and lead to a denial of service condition for the duration of the attack."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-10T10:21:02.321Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-36324",
    "datePublished": "2022-08-10T11:18:39",
    "dateReserved": "2022-07-20T00:00:00",
    "dateUpdated": "2024-08-03T10:00:04.354Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-46144
Vulnerability from cvelistv5
Published
2022-12-13 00:00
Modified
2024-09-10 09:33
Summary
A vulnerability has been identified in SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V2.3), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions < V2.3), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions < V2.3), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions < V2.3), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions < V2.3), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions < V2.3), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions), SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0) (All versions), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions), SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0) (All versions), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions), SCALANCE WUB762-1 (6GK5762-1AJ00-2AA0) (All versions), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions), SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0) (All versions), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions), SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0) (All versions). Affected devices do not properly process CLI commands after a user forcefully quitted the SSH connection. This could allow an authenticated attacker to make the CLI via SSH or serial interface irresponsive.
Impacted products
Vendor Product Version
Siemens SCALANCE SC622-2C Version: V2.3   < V3.0
Siemens SCALANCE SC626-2C Version: 0   < V2.3
Siemens SCALANCE SC626-2C Version: V2.3   < V3.0
Siemens SCALANCE SC632-2C Version: 0   < V2.3
Siemens SCALANCE SC632-2C Version: V2.3   < V3.0
Siemens SCALANCE SC636-2C Version: 0   < V2.3
Siemens SCALANCE SC636-2C Version: V2.3   < V3.0
Siemens SCALANCE SC642-2C Version: 0   < V2.3
Siemens SCALANCE SC642-2C Version: V2.3   < V3.0
Siemens SCALANCE SC646-2C Version: 0   < V2.3
Siemens SCALANCE SC646-2C Version: V2.3   < V3.0
Siemens SCALANCE WAB762-1 Version: 0   < *
Siemens SCALANCE WAM763-1 Version: 0   < *
Siemens SCALANCE WAM763-1 (ME) Version: 0   < *
Siemens SCALANCE WAM763-1 (US) Version: 0   < *
Siemens SCALANCE WAM766-1 (EU) Version: 0   < *
Siemens SCALANCE WAM766-1 (ME) Version: 0   < *
Siemens SCALANCE WAM766-1 (US) Version: 0   < *
Siemens SCALANCE WAM766-1 EEC (EU) Version: 0   < *
Siemens SCALANCE WAM766-1 EEC (ME) Version: 0   < *
Siemens SCALANCE WAM766-1 EEC (US) Version: 0   < *
Siemens SCALANCE WUB762-1 Version: 0   < *
Siemens SCALANCE WUB762-1 Version: 0   < *
Siemens SCALANCE WUM763-1 Version: 0   < *
Siemens SCALANCE WUM763-1 Version: 0   < *
Siemens SCALANCE WUM763-1 (US) Version: 0   < *
Siemens SCALANCE WUM763-1 (US) Version: 0   < *
Siemens SCALANCE WUM766-1 (EU) Version: 0   < *
Siemens SCALANCE WUM766-1 (ME) Version: 0   < *
Siemens SCALANCE WUM766-1 (US) Version: 0   < *
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T14:24:03.262Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-413565.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/html/ssa-690517.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC622-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC622-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "V2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC626-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC626-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "V2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC632-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC632-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "V2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC636-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC636-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "V2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC642-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC642-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "V2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC646-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC646-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "V3.0",
              "status": "affected",
              "version": "V2.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAB762-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM763-1 (ME)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM763-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (ME)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (ME)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUB762-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUB762-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (ME)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions \u003c V2.3), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions \u003c V2.3), SCALANCE SC626-2C (6GK5626-2GS00-2AC2) (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions \u003c V2.3), SCALANCE SC632-2C (6GK5632-2GS00-2AC2) (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions \u003c V2.3), SCALANCE SC636-2C (6GK5636-2GS00-2AC2) (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions \u003c V2.3), SCALANCE SC642-2C (6GK5642-2GS00-2AC2) (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions \u003c V2.3), SCALANCE SC646-2C (6GK5646-2GS00-2AC2) (All versions \u003e= V2.3 \u003c V3.0), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions), SCALANCE WAM766-1 (EU) (6GK5766-1GE00-7DA0) (All versions), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions), SCALANCE WAM766-1 EEC (EU) (6GK5766-1GE00-7TA0) (All versions), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions), SCALANCE WUB762-1 (6GK5762-1AJ00-2AA0) (All versions), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions), SCALANCE WUM766-1 (EU) (6GK5766-1GE00-3DA0) (All versions), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions), SCALANCE WUM766-1 (US) (6GK5766-1GE00-3DB0) (All versions). Affected devices do not properly process CLI commands after a user forcefully quitted the SSH connection. This could allow an authenticated attacker to make the CLI via SSH or serial  interface irresponsive."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-664",
              "description": "CWE-664: Improper Control of a Resource Through its Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-10T09:33:36.443Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-413565.html"
        },
        {
          "url": "https://cert-portal.siemens.com/productcert/html/ssa-690517.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-46144",
    "datePublished": "2022-12-13T00:00:00",
    "dateReserved": "2022-11-28T00:00:00",
    "dateUpdated": "2024-09-10T09:33:36.443Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-36325
Vulnerability from cvelistv5
Published
2022-08-10 11:18
Modified
2024-08-03 10:00
Summary
Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS.
Impacted products
Vendor Product Version
Siemens RUGGEDCOM RM1224 LTE(4G) NAM Version: All versions < V7.1.2
Siemens SCALANCE M804PB Version: All versions < V7.1.2
Siemens SCALANCE M812-1 ADSL-Router (Annex A) Version: All versions < V7.1.2
Siemens SCALANCE M812-1 ADSL-Router (Annex B) Version: All versions < V7.1.2
Siemens SCALANCE M816-1 ADSL-Router (Annex A) Version: All versions < V7.1.2
Siemens SCALANCE M816-1 ADSL-Router (Annex B) Version: All versions < V7.1.2
Siemens SCALANCE M826-2 SHDSL-Router Version: All versions < V7.1.2
Siemens SCALANCE M874-2 Version: All versions < V7.1.2
Siemens SCALANCE M874-3 Version: All versions < V7.1.2
Siemens SCALANCE M876-3 (EVDO) Version: All versions < V7.1.2
Siemens SCALANCE M876-3 (ROK) Version: All versions < V7.1.2
Siemens SCALANCE M876-4 (EU) Version: All versions < V7.1.2
Siemens SCALANCE M876-4 (NAM) Version: All versions < V7.1.2
Siemens SCALANCE MUM853-1 (EU) Version: All versions < V7.1.2
Siemens SCALANCE MUM856-1 (EU) Version: All versions < V7.1.2
Siemens SCALANCE MUM856-1 (RoW) Version: All versions < V7.1.2
Siemens SCALANCE S615 Version: All versions < V7.1.2
Siemens SCALANCE SC622-2C Version: All versions < V2.3.1
Siemens SCALANCE SC626-2C Version: All versions < V2.3.1
Siemens SCALANCE SC632-2C Version: All versions < V2.3.1
Siemens SCALANCE SC636-2C Version: All versions < V2.3.1
Siemens SCALANCE SC642-2C Version: All versions < V2.3.1
Siemens SCALANCE SC646-2C Version: All versions < V2.3.1
Siemens SCALANCE W1748-1 M12 Version: All versions
Siemens SCALANCE W1748-1 M12 Version: All versions
Siemens SCALANCE W1788-1 M12 Version: All versions
Siemens SCALANCE W1788-2 EEC M12 Version: All versions
Siemens SCALANCE W1788-2 M12 Version: All versions
Siemens SCALANCE W1788-2IA M12 Version: All versions
Siemens SCALANCE W721-1 RJ45 Version: All versions
Siemens SCALANCE W721-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W722-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 Version: All versions
Siemens SCALANCE W734-1 RJ45 (USA) Version: All versions
Siemens SCALANCE W738-1 M12 Version: All versions
Siemens SCALANCE W738-1 M12 Version: All versions
Siemens SCALANCE W748-1 M12 Version: All versions
Siemens SCALANCE W748-1 M12 Version: All versions
Siemens SCALANCE W748-1 RJ45 Version: All versions
Siemens SCALANCE W748-1 RJ45 Version: All versions
Siemens SCALANCE W761-1 RJ45 Version: All versions
Siemens SCALANCE W761-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 M12 EEC Version: All versions
Siemens SCALANCE W774-1 M12 EEC Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 Version: All versions
Siemens SCALANCE W774-1 RJ45 (USA) Version: All versions
Siemens SCALANCE W778-1 M12 Version: All versions
Siemens SCALANCE W778-1 M12 Version: All versions
Siemens SCALANCE W778-1 M12 EEC Version: All versions
Siemens SCALANCE W778-1 M12 EEC (USA) Version: All versions
Siemens SCALANCE W786-1 RJ45 Version: All versions
Siemens SCALANCE W786-1 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 RJ45 Version: All versions
Siemens SCALANCE W786-2 SFP Version: All versions
Siemens SCALANCE W786-2 SFP Version: All versions
Siemens SCALANCE W786-2IA RJ45 Version: All versions
Siemens SCALANCE W786-2IA RJ45 Version: All versions
Siemens SCALANCE W788-1 M12 Version: All versions
Siemens SCALANCE W788-1 M12 Version: All versions
Siemens SCALANCE W788-1 RJ45 Version: All versions
Siemens SCALANCE W788-1 RJ45 Version: All versions
Siemens SCALANCE W788-2 M12 Version: All versions
Siemens SCALANCE W788-2 M12 Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 M12 EEC Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE W788-2 RJ45 Version: All versions
Siemens SCALANCE WAM763-1 Version: All versions < V2.0
Siemens SCALANCE WAM766-1 (EU) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 (US) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 EEC (EU) Version: All versions < V2.0
Siemens SCALANCE WAM766-1 EEC (US) Version: All versions < V2.0
Siemens SCALANCE WUM763-1 Version: All versions < V2.0
Siemens SCALANCE WUM763-1 Version: All versions < V2.0
Siemens SCALANCE WUM766-1 (EU) Version: All versions < V2.0
Siemens SCALANCE WUM766-1 (US) Version: All versions < V2.0
Siemens SCALANCE XB205-3 (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3 (ST, PN) Version: All versions < V4.4
Siemens SCALANCE XB205-3LD (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB205-3LD (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB208 (E/IP) Version: All versions < V4.4
Siemens SCALANCE XB208 (PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (ST, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3 (ST, PN) Version: All versions < V4.4
Siemens SCALANCE XB213-3LD (SC, E/IP) Version: All versions < V4.4
Siemens SCALANCE XB213-3LD (SC, PN) Version: All versions < V4.4
Siemens SCALANCE XB216 (E/IP) Version: All versions < V4.4
Siemens SCALANCE XB216 (PN) Version: All versions < V4.4
Siemens SCALANCE XC206-2 (SC) Version: All versions < V4.4
Siemens SCALANCE XC206-2 (ST/BFOC) Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC206-2G PoE EEC (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP EEC Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G (EIP DEF.) Version: All versions < V4.4
Siemens SCALANCE XC206-2SFP G EEC Version: All versions < V4.4
Siemens SCALANCE XC208 Version: All versions < V4.4
Siemens SCALANCE XC208EEC Version: All versions < V4.4
Siemens SCALANCE XC208G Version: All versions < V4.4
Siemens SCALANCE XC208G (EIP def.) Version: All versions < V4.4
Siemens SCALANCE XC208G EEC Version: All versions < V4.4
Siemens SCALANCE XC208G PoE Version: All versions < V4.4
Siemens SCALANCE XC208G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC216 Version: All versions < V4.4
Siemens SCALANCE XC216-3G PoE Version: All versions < V4.4
Siemens SCALANCE XC216-3G PoE (54 V DC) Version: All versions < V4.4
Siemens SCALANCE XC216-4C Version: All versions < V4.4
Siemens SCALANCE XC216-4C G Version: All versions < V4.4
Siemens SCALANCE XC216-4C G (EIP Def.) Version: All versions < V4.4
Siemens SCALANCE XC216-4C G EEC Version: All versions < V4.4
Siemens SCALANCE XC216EEC Version: All versions < V4.4
Siemens SCALANCE XC224 Version: All versions < V4.4
Siemens SCALANCE XC224-4C G Version: All versions < V4.4
Siemens SCALANCE XC224-4C G (EIP Def.) Version: All versions < V4.4
Siemens SCALANCE XC224-4C G EEC Version: All versions < V4.4
Siemens SCALANCE XF204 Version: All versions < V4.4
Siemens SCALANCE XF204 DNA Version: All versions < V4.4
Siemens SCALANCE XF204-2BA Version: All versions < V4.4
Siemens SCALANCE XF204-2BA DNA Version: All versions < V4.4
Siemens SCALANCE XM408-4C Version: All versions < V6.6
Siemens SCALANCE XM408-4C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XM408-8C Version: All versions < V6.6
Siemens SCALANCE XM408-8C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XM416-4C Version: All versions < V6.6
Siemens SCALANCE XM416-4C (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XP208 Version: All versions < V4.4
Siemens SCALANCE XP208 (Ethernet/IP) Version: All versions < V4.4
Siemens SCALANCE XP208EEC Version: All versions < V4.4
Siemens SCALANCE XP208PoE EEC Version: All versions < V4.4
Siemens SCALANCE XP216 Version: All versions < V4.4
Siemens SCALANCE XP216 (Ethernet/IP) Version: All versions < V4.4
Siemens SCALANCE XP216EEC Version: All versions < V4.4
Siemens SCALANCE XP216POE EEC Version: All versions < V4.4
Siemens SCALANCE XR324WG (24 x FE, AC 230V) Version: All versions < V4.4
Siemens SCALANCE XR324WG (24 X FE, DC 24V) Version: All versions < V4.4
Siemens SCALANCE XR326-2C PoE WG Version: All versions < V4.4
Siemens SCALANCE XR326-2C PoE WG (without UL) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24XFE, 4XGE, 24V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (24xFE,4xGE,AC230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (28xGE, AC 230V) Version: All versions < V4.4
Siemens SCALANCE XR328-4C WG (28xGE, DC 24V) Version: All versions < V4.4
Siemens SCALANCE XR524-8C, 1x230V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 1x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 24V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 24V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 2x230V Version: All versions < V6.6
Siemens SCALANCE XR524-8C, 2x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 1x230V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 1x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 24V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 24V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 2x230V Version: All versions < V6.6
Siemens SCALANCE XR526-8C, 2x230V (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR528-6M Version: All versions < V6.6
Siemens SCALANCE XR528-6M (2HR2, L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR528-6M (2HR2) Version: All versions < V6.6
Siemens SCALANCE XR528-6M (L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR552-12M Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2, L3 int.) Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2) Version: All versions < V6.6
Siemens SCALANCE XR552-12M (2HR2) Version: All versions < V6.6
Siemens SIPLUS NET SCALANCE XC206-2 Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC206-2SFP Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC208 Version: All versions < V4.4
Siemens SIPLUS NET SCALANCE XC216-4C Version: All versions < V4.4
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:00:04.293Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) EU",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M804PB",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M812-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex A)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M816-1 ADSL-Router (Annex B)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M826-2 SHDSL-Router",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M874-3",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (EVDO)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-3 (ROK)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE M876-4 (NAM)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM853-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE MUM856-1 (RoW)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE S615",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V7.1.2"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC622-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC626-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC632-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC636-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC642-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE SC646-2C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.3.1"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2 EEC M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W1788-2IA M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W721-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W721-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W722-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W734-1 RJ45 (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W738-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W738-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W748-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W761-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W761-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W774-1 RJ45 (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W778-1 M12 EEC (USA)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2 SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2IA RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W786-2IA RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-1 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 M12 EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE W788-2 RJ45",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WAM766-1 EEC (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM763-1",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (EU)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE WUM766-1 (US)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V2.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3 (ST, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3LD (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB205-3LD (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB208 (E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB208 (PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (ST, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3 (ST, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3LD (SC, E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB213-3LD (SC, PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB216 (E/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XB216 (PN)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2 (SC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2 (ST/BFOC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2G PoE EEC (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G (EIP DEF.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC206-2SFP G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G (EIP def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC208G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-3G PoE",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-3G PoE (54 V DC)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G (EIP Def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216-4C G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC216EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G (EIP Def.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XC224-4C G EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204 DNA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XF204-2BA DNA",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-4C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-8C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM408-8C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM416-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XM416-4C (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208 (Ethernet/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP208PoE EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216 (Ethernet/IP)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XP216POE EEC",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324WG (24 x FE, AC 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR324WG (24 X FE, DC 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR326-2C PoE WG",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR326-2C PoE WG (without UL)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24XFE, 4XGE, 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE, 4xGE,DC24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (24xFE,4xGE,AC230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (28xGE, AC 230V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR328-4C WG (28xGE, DC 24V)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 1x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 1x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 24V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 24V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 2x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR524-8C, 2x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 1x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 1x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 24V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 24V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 2x230V",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR526-8C, 2x230V (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (2HR2, L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR528-6M (L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2, L3 int.)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SCALANCE XR552-12M (2HR2)",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V6.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC206-2",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC206-2SFP",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC208",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "SIPLUS NET SCALANCE XC216-4C",
          "vendor": "Siemens",
          "versions": [
            {
              "status": "affected",
              "version": "All versions \u003c V4.4"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authenticated remote attacker with administrative privileges to inject code and lead to a DOM-based XSS."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-10T10:21:04.880Z",
        "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
        "shortName": "siemens"
      },
      "references": [
        {
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-710008.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
    "assignerShortName": "siemens",
    "cveId": "CVE-2022-36325",
    "datePublished": "2022-08-10T11:18:45",
    "dateReserved": "2022-07-20T00:00:00",
    "dateUpdated": "2024-08-03T10:00:04.293Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

var-202212-1136
Vulnerability from variot

Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data. ruggedcom rm1224 lte(4g) eu firmware, ruggedcom rm1224 lte(4g) nam firmware, scalance m804pb Multiple Siemens products, including firmware, contain a vulnerability related to improper validation of quantities specified in input.Information may be obtained. SCALANCE M-800, MUM-800 and S615 as well as RUGGEDCOM RM1224 are industrial routers.

The Siemens SCALANCE M-800/S615 series has an information disclosure vulnerability due to the affected device not properly checking the TFTP block size

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202212-1136",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "scalance m876-4",
        "scope": "lt",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "scalance m812-1 adsl-router",
        "scope": "lt",
        "trust": 1.2,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "scalance m816-1 adsl-router",
        "scope": "lt",
        "trust": 1.2,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "scalance m876-3",
        "scope": "lt",
        "trust": 1.2,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "scalance mum856-1",
        "scope": "lt",
        "trust": 1.2,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "scalance w778-1 m12 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w788-2 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m812-1 adsl-router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xc206-2g poe eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc636-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance xp208eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w1788-2 eec m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w788-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xb213-3ld",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w761-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w774-1 m12 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w1788-2ia m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xf204-2ba",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc208 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp216poe eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc224",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216-4c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance mum853-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance w786-2 sfp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp216eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus net scalance xc208",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "ruggedcom rm1224 lte\\ eu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xr326-2c poe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xb213-3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w721-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xc206-2sfp eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus net scalance xc216-4c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wam766-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w1788-2 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp208",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr328-4c wg",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xb205-3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w788-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc224-4c g eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m816-1 adsl-router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance s615 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance m804pb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xr524-8c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus net scalance xc206-2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2g poe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc622-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "ruggedcom rm1224 lte\\ nam",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance w786-2ia rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wum763-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wum766-1 6ghz",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216-4c g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m876-4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xf204 dna",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wam766-1 6ghz",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m826-2 shdsl-router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xm416-4c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w738-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance w1788-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp208poe eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc208 poe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr526-8c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2sfp g eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wam766-1 ecc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w748-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xc224-4c g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w774-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr552-12m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance s615",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance w722-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xm408-4c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2sfp g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w774-1 m12 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc632-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance w734-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance sc646-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance m874-3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance sc626-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance xc216-3g poe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w786-2 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr528-6m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w1748-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w786-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xm408-8c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m874-2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance wam763-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w778-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wum766-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2sfp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc208",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp216",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc642-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance xb216",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216-4c g eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr324wg",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr326-2c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus net scalance xc206-2sfp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w788-2 m12 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance mum856-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance m876-3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xb208",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xf204",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xb205-3ld",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xf204-2bca dna",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance s615 eec",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m812-1 adsl-router",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m876-4",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance s615",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "ruggedcom rm1224 lte eu",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-622-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-636-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "ruggedcom rm1224 lte nam",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m816-1 adsl-router",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance mum856-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m876-3",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc626-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m874-3",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-642-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance mum853-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m826-2 shdsl-router",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m804pb",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-646-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-632-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m874-2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "ruggedcom rm1224 lte eu",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "ruggedcom rm1224 lte nam",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "scalance m804pb",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "scalance m826-2 shdsl-router",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "scalance m874-2",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "scalance m874-3",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "scalance mum853-1",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "scalance s615",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0"
      },
      {
        "model": "scalance s615 eec",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "v8.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-97251"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023553"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46143"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3089"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2022-46143",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "MULTIPLE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 6.4,
            "id": "CNVD-2023-97251",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:M/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "productcert@siemens.com",
            "availabilityImpact": "NONE",
            "baseScore": 2.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 1.2,
            "id": "CVE-2022-46143",
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "OTHER",
            "availabilityImpact": "None",
            "baseScore": 2.7,
            "baseSeverity": "Low",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "JVNDB-2022-023553",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "High",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2022-46143",
            "trust": 1.0,
            "value": "LOW"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-46143",
            "trust": 1.0,
            "value": "LOW"
          },
          {
            "author": "OTHER",
            "id": "JVNDB-2022-023553",
            "trust": 0.8,
            "value": "Low"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2023-97251",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202212-3089",
            "trust": 0.6,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-97251"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023553"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3089"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46143"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46143"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data. ruggedcom rm1224 lte(4g) eu firmware, ruggedcom rm1224 lte(4g) nam firmware, scalance m804pb Multiple Siemens products, including firmware, contain a vulnerability related to improper validation of quantities specified in input.Information may be obtained. SCALANCE M-800, MUM-800 and S615 as well as RUGGEDCOM RM1224 are industrial routers. \n\r\n\r\nThe Siemens SCALANCE M-800/S615 series has an information disclosure vulnerability due to the affected device not properly checking the TFTP block size",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-46143"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023553"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2023-97251"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-46143",
        "trust": 3.8
      },
      {
        "db": "SIEMENS",
        "id": "SSA-413565",
        "trust": 2.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-180704",
        "trust": 1.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-349-04",
        "trust": 1.4
      },
      {
        "db": "JVN",
        "id": "JVNVU91561630",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023553",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2023-97251",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3089",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-97251"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023553"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3089"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46143"
      }
    ]
  },
  "id": "VAR-202212-1136",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-97251"
      }
    ],
    "trust": 1.2398166874999998
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-97251"
      }
    ]
  },
  "last_update_date": "2024-08-14T12:11:36.523000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Siemens SCALANCE M-800/S615 series information leakage vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/500346"
      },
      {
        "title": "Siemens part of the product Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=218338"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-97251"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3089"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-1284",
        "trust": 1.0
      },
      {
        "problemtype": "Improper validation of quantity specified in input (CWE-1284) [ others ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023553"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46143"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
      },
      {
        "trust": 1.6,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-413565.html"
      },
      {
        "trust": 1.0,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91561630/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-46143"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-04"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-349-04"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-46143/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-97251"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023553"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3089"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46143"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-97251"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023553"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3089"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46143"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-12-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2023-97251"
      },
      {
        "date": "2023-11-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-023553"
      },
      {
        "date": "2022-12-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202212-3089"
      },
      {
        "date": "2022-12-13T16:15:25.137000",
        "db": "NVD",
        "id": "CVE-2022-46143"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-12-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2023-97251"
      },
      {
        "date": "2023-11-29T03:03:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-023553"
      },
      {
        "date": "2022-12-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202212-3089"
      },
      {
        "date": "2024-08-13T08:15:05.483000",
        "db": "NVD",
        "id": "CVE-2022-46143"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3089"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerability in multiple Siemens products related to improper validation of quantities specified in inputs",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023553"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3089"
      }
    ],
    "trust": 0.6
  }
}

var-202206-1962
Vulnerability from variot

A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on foo.example.com can set cookies that also would match for bar.example.com, making it it possible for a "sister server" to effectively cause a denial of service for a sibling site on the same second level domain using this method. curl Exists in a vulnerability in resource allocation without restrictions or throttling.Service operation interruption (DoS) It may be in a state. ========================================================================== Ubuntu Security Notice USN-5495-1 June 27, 2022

curl vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 22.04 LTS
  • Ubuntu 21.10
  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in curl.

Software Description: - curl: HTTP, HTTPS, and FTP client and client libraries

Details:

Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32205)

Harry Sintonen discovered that curl incorrectly handled certain HTTP compressions. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-32206)

Harry Sintonen incorrectly handled certain file permissions. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32207)

Harry Sintonen discovered that curl incorrectly handled certain FTP-KRB messages. An attacker could possibly use this to perform a machine-in-the-diddle attack. (CVE-2022-32208)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS: curl 7.81.0-1ubuntu1.3 libcurl3-gnutls 7.81.0-1ubuntu1.3 libcurl3-nss 7.81.0-1ubuntu1.3 libcurl4 7.81.0-1ubuntu1.3

Ubuntu 21.10: curl 7.74.0-1.3ubuntu2.3 libcurl3-gnutls 7.74.0-1.3ubuntu2.3 libcurl3-nss 7.74.0-1.3ubuntu2.3 libcurl4 7.74.0-1.3ubuntu2.3

Ubuntu 20.04 LTS: curl 7.68.0-1ubuntu2.12 libcurl3-gnutls 7.68.0-1ubuntu2.12 libcurl3-nss 7.68.0-1ubuntu2.12 libcurl4 7.68.0-1ubuntu2.12

Ubuntu 18.04 LTS: curl 7.58.0-2ubuntu3.19 libcurl3-gnutls 7.58.0-2ubuntu3.19 libcurl3-nss 7.58.0-2ubuntu3.19 libcurl4 7.58.0-2ubuntu3.19

In general, a standard system update will make all the necessary changes.

References: https://ubuntu.com/security/notices/USN-5495-1 CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208

Package Information: https://launchpad.net/ubuntu/+source/curl/7.81.0-1ubuntu1.3 https://launchpad.net/ubuntu/+source/curl/7.74.0-1.3ubuntu2.3 https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.12 https://launchpad.net/ubuntu/+source/curl/7.58.0-2ubuntu3.19 . These flaws may allow remote attackers to obtain sensitive information, leak authentication or cookie header data or facilitate a denial of service attack.

For the stable distribution (bullseye), these problems have been fixed in version 7.74.0-1.3+deb11u2.

We recommend that you upgrade your curl packages.

For the detailed security status of curl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/curl

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmLoBaNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeTf9A//VWkco2gxCMMe8JDcL9sLD0B5L8KGRxbPBYmpE1l2kCpiW9QGVwCN3q2K i8xo0jmRxSwSXDmAE17aTtGT66vU8vQSHewty031TcvWKBoAJpKRTbazfdOy/vDD waofTEaUClFt3NNiR3gigRU6OFV/9MWlUWwCJ/Wgd5osJTQCyWV/iHz3FJluc1Gp rXamYLnWGUJbIZgMFEo7TqIyb91P0PrX4hpnCcnhvY4ci5NWOj2qaoWGhgF+f9gz Uao91GTOnuTyoY3apKzifdO5dih9zJttnRKUgHkn9YCGxanljoPjHRYOavWdN6bE yIpT/Xw2dy05Fzydb73bDurQP+mkyWGZA+S8gxtbY7S7OylRS9iHSfyUpAVEM/Ab SPkGQl6vBKr7dmyHkdIlbViste6kcmhQQete9E3tM18MkyK0NbBiUj+pShNPC+SF REStal14ZE+DSwFKp5UA8izEh0G5RC5VUVhB/jtoxym2rvmIamk5YqCS1rupGP9R 1Y+Jm8CywBrKHl5EzAVUswC5xDAArWdXRvrgHCeElnkwuCwRC8AgRiYFFRulWKwt TV5qveehnzSc2z5IDc/tdiPWNJhJu/blNN8BauG8zmJV4ZhZP9EO1FCLE7DpqQ38 EPtUTMXaMQR1W15He51auBQwJgSiX1II+5jh6PeZTKBKnJgLYNA= =3E71 -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202212-01


                                       https://security.gentoo.org/

Severity: High Title: curl: Multiple Vulnerabilities Date: December 19, 2022 Bugs: #803308, #813270, #841302, #843824, #854708, #867679, #878365 ID: 202212-01


Synopsis

Multiple vulnerabilities have been found in curl, the worst of which could result in arbitrary code execution.

Background

A command line tool and library for transferring data with URLs.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 net-misc/curl < 7.86.0 >= 7.86.0

Description

Multiple vulnerabilities have been discovered in curl. Please review the CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All curl users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/curl-7.86.0"

References

[ 1 ] CVE-2021-22922 https://nvd.nist.gov/vuln/detail/CVE-2021-22922 [ 2 ] CVE-2021-22923 https://nvd.nist.gov/vuln/detail/CVE-2021-22923 [ 3 ] CVE-2021-22925 https://nvd.nist.gov/vuln/detail/CVE-2021-22925 [ 4 ] CVE-2021-22926 https://nvd.nist.gov/vuln/detail/CVE-2021-22926 [ 5 ] CVE-2021-22945 https://nvd.nist.gov/vuln/detail/CVE-2021-22945 [ 6 ] CVE-2021-22946 https://nvd.nist.gov/vuln/detail/CVE-2021-22946 [ 7 ] CVE-2021-22947 https://nvd.nist.gov/vuln/detail/CVE-2021-22947 [ 8 ] CVE-2022-22576 https://nvd.nist.gov/vuln/detail/CVE-2022-22576 [ 9 ] CVE-2022-27774 https://nvd.nist.gov/vuln/detail/CVE-2022-27774 [ 10 ] CVE-2022-27775 https://nvd.nist.gov/vuln/detail/CVE-2022-27775 [ 11 ] CVE-2022-27776 https://nvd.nist.gov/vuln/detail/CVE-2022-27776 [ 12 ] CVE-2022-27779 https://nvd.nist.gov/vuln/detail/CVE-2022-27779 [ 13 ] CVE-2022-27780 https://nvd.nist.gov/vuln/detail/CVE-2022-27780 [ 14 ] CVE-2022-27781 https://nvd.nist.gov/vuln/detail/CVE-2022-27781 [ 15 ] CVE-2022-27782 https://nvd.nist.gov/vuln/detail/CVE-2022-27782 [ 16 ] CVE-2022-30115 https://nvd.nist.gov/vuln/detail/CVE-2022-30115 [ 17 ] CVE-2022-32205 https://nvd.nist.gov/vuln/detail/CVE-2022-32205 [ 18 ] CVE-2022-32206 https://nvd.nist.gov/vuln/detail/CVE-2022-32206 [ 19 ] CVE-2022-32207 https://nvd.nist.gov/vuln/detail/CVE-2022-32207 [ 20 ] CVE-2022-32208 https://nvd.nist.gov/vuln/detail/CVE-2022-32208 [ 21 ] CVE-2022-32221 https://nvd.nist.gov/vuln/detail/CVE-2022-32221 [ 22 ] CVE-2022-35252 https://nvd.nist.gov/vuln/detail/CVE-2022-35252 [ 23 ] CVE-2022-35260 https://nvd.nist.gov/vuln/detail/CVE-2022-35260 [ 24 ] CVE-2022-42915 https://nvd.nist.gov/vuln/detail/CVE-2022-42915 [ 25 ] CVE-2022-42916 https://nvd.nist.gov/vuln/detail/CVE-2022-42916

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/202212-01

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202206-1962",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "scalance sc646-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "h300s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "h410s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "solidfire",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "scalance sc636-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "universal forwarder",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "splunk",
        "version": "9.1.0"
      },
      {
        "model": "h700s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "element software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "universal forwarder",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "splunk",
        "version": "8.2.12"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "35"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "11.0"
      },
      {
        "model": "scalance sc642-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "curl",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "haxx",
        "version": "7.71.0"
      },
      {
        "model": "macos",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "13.0"
      },
      {
        "model": "universal forwarder",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "splunk",
        "version": "9.0.6"
      },
      {
        "model": "curl",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "haxx",
        "version": "7.84.0"
      },
      {
        "model": "scalance sc622-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "scalance sc632-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "universal forwarder",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "splunk",
        "version": "9.0.0"
      },
      {
        "model": "hci management node",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "scalance sc626-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "clustered data ontap",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "h500s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "universal forwarder",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "splunk",
        "version": "8.2.0"
      },
      {
        "model": "fedora",
        "scope": null,
        "trust": 0.8,
        "vendor": "fedora",
        "version": null
      },
      {
        "model": "hci management node",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "scalance sc-622-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "element software",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "h300s",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "solidfire",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "clustered data ontap",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "curl",
        "scope": null,
        "trust": 0.8,
        "vendor": "haxx",
        "version": null
      },
      {
        "model": "gnu/linux",
        "scope": null,
        "trust": 0.8,
        "vendor": "debian",
        "version": null
      },
      {
        "model": "macos",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30a2\u30c3\u30d7\u30eb",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-015270"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-32205"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ubuntu",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "167607"
      }
    ],
    "trust": 0.1
  },
  "cve": "CVE-2022-32205",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2022-32205",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-424132",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2022-32205",
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "Low",
            "baseScore": 4.3,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2022-32205",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-32205",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2022-32205",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202206-2562",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-424132",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2022-32205",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-424132"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-32205"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-015270"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2562"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-32205"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl \u003c 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven\u0027t expired. Due to cookie matching rules, a server on `foo.example.com` can set cookies that also would match for `bar.example.com`, making it it possible for a \"sister server\" to effectively cause a denial of service for a sibling site on the same second level domain using this method. curl Exists in a vulnerability in resource allocation without restrictions or throttling.Service operation interruption (DoS) It may be in a state. ==========================================================================\nUbuntu Security Notice USN-5495-1\nJune 27, 2022\n\ncurl vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 22.04 LTS\n- Ubuntu 21.10\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in curl. \n\nSoftware Description:\n- curl: HTTP, HTTPS, and FTP client and client libraries\n\nDetails:\n\nHarry Sintonen discovered that curl incorrectly handled certain cookies. \nAn attacker could possibly use this issue to cause a denial of service. \nThis issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32205)\n\nHarry Sintonen discovered that curl incorrectly handled certain HTTP compressions. \nAn attacker could possibly use this issue to cause a denial of service. \n(CVE-2022-32206)\n\nHarry Sintonen incorrectly handled certain file permissions. \nAn attacker could possibly use this issue to expose sensitive information. \nThis issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32207)\n\nHarry Sintonen discovered that curl incorrectly handled certain FTP-KRB messages. \nAn attacker could possibly use this to perform a machine-in-the-diddle attack. \n(CVE-2022-32208)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 22.04 LTS:\n  curl                            7.81.0-1ubuntu1.3\n  libcurl3-gnutls                 7.81.0-1ubuntu1.3\n  libcurl3-nss                    7.81.0-1ubuntu1.3\n  libcurl4                        7.81.0-1ubuntu1.3\n\nUbuntu 21.10:\n  curl                            7.74.0-1.3ubuntu2.3\n  libcurl3-gnutls                 7.74.0-1.3ubuntu2.3\n  libcurl3-nss                    7.74.0-1.3ubuntu2.3\n  libcurl4                        7.74.0-1.3ubuntu2.3\n\nUbuntu 20.04 LTS:\n  curl                            7.68.0-1ubuntu2.12\n  libcurl3-gnutls                 7.68.0-1ubuntu2.12\n  libcurl3-nss                    7.68.0-1ubuntu2.12\n  libcurl4                        7.68.0-1ubuntu2.12\n\nUbuntu 18.04 LTS:\n  curl                            7.58.0-2ubuntu3.19\n  libcurl3-gnutls                 7.58.0-2ubuntu3.19\n  libcurl3-nss                    7.58.0-2ubuntu3.19\n  libcurl4                        7.58.0-2ubuntu3.19\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n  https://ubuntu.com/security/notices/USN-5495-1\n  CVE-2022-32205, CVE-2022-32206, CVE-2022-32207, CVE-2022-32208\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/curl/7.81.0-1ubuntu1.3\n  https://launchpad.net/ubuntu/+source/curl/7.74.0-1.3ubuntu2.3\n  https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.12\n  https://launchpad.net/ubuntu/+source/curl/7.58.0-2ubuntu3.19\n. These flaws may allow remote attackers to obtain sensitive\ninformation, leak authentication or cookie header data or facilitate a\ndenial of service attack. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 7.74.0-1.3+deb11u2. \n\nWe recommend that you upgrade your curl packages. \n\nFor the detailed security status of curl please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/curl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmLoBaNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD\nRjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7\nUeTf9A//VWkco2gxCMMe8JDcL9sLD0B5L8KGRxbPBYmpE1l2kCpiW9QGVwCN3q2K\ni8xo0jmRxSwSXDmAE17aTtGT66vU8vQSHewty031TcvWKBoAJpKRTbazfdOy/vDD\nwaofTEaUClFt3NNiR3gigRU6OFV/9MWlUWwCJ/Wgd5osJTQCyWV/iHz3FJluc1Gp\nrXamYLnWGUJbIZgMFEo7TqIyb91P0PrX4hpnCcnhvY4ci5NWOj2qaoWGhgF+f9gz\nUao91GTOnuTyoY3apKzifdO5dih9zJttnRKUgHkn9YCGxanljoPjHRYOavWdN6bE\nyIpT/Xw2dy05Fzydb73bDurQP+mkyWGZA+S8gxtbY7S7OylRS9iHSfyUpAVEM/Ab\nSPkGQl6vBKr7dmyHkdIlbViste6kcmhQQete9E3tM18MkyK0NbBiUj+pShNPC+SF\nREStal14ZE+DSwFKp5UA8izEh0G5RC5VUVhB/jtoxym2rvmIamk5YqCS1rupGP9R\n1Y+Jm8CywBrKHl5EzAVUswC5xDAArWdXRvrgHCeElnkwuCwRC8AgRiYFFRulWKwt\nTV5qveehnzSc2z5IDc/tdiPWNJhJu/blNN8BauG8zmJV4ZhZP9EO1FCLE7DpqQ38\nEPtUTMXaMQR1W15He51auBQwJgSiX1II+5jh6PeZTKBKnJgLYNA=\n=3E71\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 202212-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n    Title: curl: Multiple Vulnerabilities\n     Date: December 19, 2022\n     Bugs: #803308, #813270, #841302, #843824, #854708, #867679, #878365\n       ID: 202212-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been found in curl, the worst of which\ncould result in arbitrary code execution. \n\nBackground\n=========\nA command line tool and library for transferring data with URLs. \n\nAffected packages\n================\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  net-misc/curl              \u003c 7.86.0                    \u003e= 7.86.0\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in curl. Please review the\nCVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll curl users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-misc/curl-7.86.0\"\n\nReferences\n=========\n[ 1 ] CVE-2021-22922\n      https://nvd.nist.gov/vuln/detail/CVE-2021-22922\n[ 2 ] CVE-2021-22923\n      https://nvd.nist.gov/vuln/detail/CVE-2021-22923\n[ 3 ] CVE-2021-22925\n      https://nvd.nist.gov/vuln/detail/CVE-2021-22925\n[ 4 ] CVE-2021-22926\n      https://nvd.nist.gov/vuln/detail/CVE-2021-22926\n[ 5 ] CVE-2021-22945\n      https://nvd.nist.gov/vuln/detail/CVE-2021-22945\n[ 6 ] CVE-2021-22946\n      https://nvd.nist.gov/vuln/detail/CVE-2021-22946\n[ 7 ] CVE-2021-22947\n      https://nvd.nist.gov/vuln/detail/CVE-2021-22947\n[ 8 ] CVE-2022-22576\n      https://nvd.nist.gov/vuln/detail/CVE-2022-22576\n[ 9 ] CVE-2022-27774\n      https://nvd.nist.gov/vuln/detail/CVE-2022-27774\n[ 10 ] CVE-2022-27775\n      https://nvd.nist.gov/vuln/detail/CVE-2022-27775\n[ 11 ] CVE-2022-27776\n      https://nvd.nist.gov/vuln/detail/CVE-2022-27776\n[ 12 ] CVE-2022-27779\n      https://nvd.nist.gov/vuln/detail/CVE-2022-27779\n[ 13 ] CVE-2022-27780\n      https://nvd.nist.gov/vuln/detail/CVE-2022-27780\n[ 14 ] CVE-2022-27781\n      https://nvd.nist.gov/vuln/detail/CVE-2022-27781\n[ 15 ] CVE-2022-27782\n      https://nvd.nist.gov/vuln/detail/CVE-2022-27782\n[ 16 ] CVE-2022-30115\n      https://nvd.nist.gov/vuln/detail/CVE-2022-30115\n[ 17 ] CVE-2022-32205\n      https://nvd.nist.gov/vuln/detail/CVE-2022-32205\n[ 18 ] CVE-2022-32206\n      https://nvd.nist.gov/vuln/detail/CVE-2022-32206\n[ 19 ] CVE-2022-32207\n      https://nvd.nist.gov/vuln/detail/CVE-2022-32207\n[ 20 ] CVE-2022-32208\n      https://nvd.nist.gov/vuln/detail/CVE-2022-32208\n[ 21 ] CVE-2022-32221\n      https://nvd.nist.gov/vuln/detail/CVE-2022-32221\n[ 22 ] CVE-2022-35252\n      https://nvd.nist.gov/vuln/detail/CVE-2022-35252\n[ 23 ] CVE-2022-35260\n      https://nvd.nist.gov/vuln/detail/CVE-2022-35260\n[ 24 ] CVE-2022-42915\n      https://nvd.nist.gov/vuln/detail/CVE-2022-42915\n[ 25 ] CVE-2022-42916\n      https://nvd.nist.gov/vuln/detail/CVE-2022-42916\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202212-01\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2022 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-32205"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-015270"
      },
      {
        "db": "VULHUB",
        "id": "VHN-424132"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-32205"
      },
      {
        "db": "PACKETSTORM",
        "id": "167607"
      },
      {
        "db": "PACKETSTORM",
        "id": "169318"
      },
      {
        "db": "PACKETSTORM",
        "id": "170303"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-32205",
        "trust": 3.7
      },
      {
        "db": "HACKERONE",
        "id": "1569946",
        "trust": 2.6
      },
      {
        "db": "SIEMENS",
        "id": "SSA-333517",
        "trust": 1.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-349-18",
        "trust": 0.9
      },
      {
        "db": "PACKETSTORM",
        "id": "167607",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU91561630",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU99464755",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU99752892",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU94715153",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-23-166-12",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-23-075-01",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-23-103-09",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-015270",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "169318",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.6333",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.3732",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.3117",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.2163",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.5300",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.3143",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022062927",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022071142",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2562",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-424132",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-32205",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "170303",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-424132"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-32205"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-015270"
      },
      {
        "db": "PACKETSTORM",
        "id": "167607"
      },
      {
        "db": "PACKETSTORM",
        "id": "169318"
      },
      {
        "db": "PACKETSTORM",
        "id": "170303"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2562"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-32205"
      }
    ]
  },
  "id": "VAR-202206-1962",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-424132"
      }
    ],
    "trust": 0.6566514
  },
  "last_update_date": "2024-08-14T12:33:12.095000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SSA-333517",
        "trust": 0.8,
        "url": "https://www.debian.org/security/2022/dsa-5197"
      },
      {
        "title": "curl Remediation of resource management error vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=198519"
      },
      {
        "title": "Ubuntu Security Notice: USN-5495-1: curl vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5495-1"
      },
      {
        "title": "Red Hat: ",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2022-32205"
      },
      {
        "title": "Arch Linux Issues: ",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2022-32205"
      },
      {
        "title": "Amazon Linux 2: ALAS2-2022-1875",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=ALAS2-2022-1875"
      },
      {
        "title": "Debian Security Advisories: DSA-5197-1 curl -- security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=d9b734e3e9b6712333c95a6263dead82"
      },
      {
        "title": "Amazon Linux 2022: ALAS2022-2022-206",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-206"
      },
      {
        "title": "Amazon Linux 2022: ALAS2022-2022-145",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=ALAS2022-2022-145"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/Live-Hack-CVE/CVE-2022-32205 "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/holmes-py/reports-summary "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-32205"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-015270"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2562"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-770",
        "trust": 1.1
      },
      {
        "problemtype": "Allocation of resources without limits or throttling (CWE-770) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-424132"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-015270"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-32205"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "https://hackerone.com/reports/1569946"
      },
      {
        "trust": 1.9,
        "url": "https://security.gentoo.org/glsa/202212-01"
      },
      {
        "trust": 1.8,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
      },
      {
        "trust": 1.8,
        "url": "https://security.netapp.com/advisory/ntap-20220915-0003/"
      },
      {
        "trust": 1.8,
        "url": "https://support.apple.com/kb/ht213488"
      },
      {
        "trust": 1.8,
        "url": "https://www.debian.org/security/2022/dsa-5197"
      },
      {
        "trust": 1.8,
        "url": "http://seclists.org/fulldisclosure/2022/oct/28"
      },
      {
        "trust": 1.8,
        "url": "http://seclists.org/fulldisclosure/2022/oct/41"
      },
      {
        "trust": 1.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32205"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bev6br4mti3cewk2yu2hqzuw5fas3fey/"
      },
      {
        "trust": 0.8,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bev6br4mti3cewk2yu2hqzuw5fas3fey/"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91561630"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu99752892"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu94715153"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu99464755"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-18"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-075-01"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-09"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-12"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/167607/ubuntu-security-notice-usn-5495-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.3143"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.2163"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022071142"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.3732"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022062927"
      },
      {
        "trust": 0.6,
        "url": "https://support.apple.com/en-us/ht213488"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/169318/debian-security-advisory-5197-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.5300"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-32205/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.6333"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/curl-denial-of-service-via-set-cookie-38670"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.3117"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32207"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32206"
      },
      {
        "trust": 0.2,
        "url": "https://ubuntu.com/security/notices/usn-5495-1"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32208"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27782"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27775"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22947"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27774"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27781"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22946"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27776"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22576"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22945"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/770.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2022-32205"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-18"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/curl/7.74.0-1.3ubuntu2.3"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.12"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/curl/7.81.0-1ubuntu1.3"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/curl/7.58.0-2ubuntu3.19"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22898"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22924"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "https://security-tracker.debian.org/tracker/curl"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22922"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27779"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-30115"
      },
      {
        "trust": 0.1,
        "url": "https://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-35260"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22925"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22926"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27780"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-35252"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-42916"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-42915"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22923"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32221"
      },
      {
        "trust": 0.1,
        "url": "https://creativecommons.org/licenses/by-sa/2.5"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-424132"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-32205"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-015270"
      },
      {
        "db": "PACKETSTORM",
        "id": "167607"
      },
      {
        "db": "PACKETSTORM",
        "id": "169318"
      },
      {
        "db": "PACKETSTORM",
        "id": "170303"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2562"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-32205"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-424132"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-32205"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-015270"
      },
      {
        "db": "PACKETSTORM",
        "id": "167607"
      },
      {
        "db": "PACKETSTORM",
        "id": "169318"
      },
      {
        "db": "PACKETSTORM",
        "id": "170303"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2562"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-32205"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-07-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-424132"
      },
      {
        "date": "2022-07-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-32205"
      },
      {
        "date": "2023-09-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-015270"
      },
      {
        "date": "2022-06-28T15:26:16",
        "db": "PACKETSTORM",
        "id": "167607"
      },
      {
        "date": "2022-08-28T19:12:00",
        "db": "PACKETSTORM",
        "id": "169318"
      },
      {
        "date": "2022-12-19T13:48:31",
        "db": "PACKETSTORM",
        "id": "170303"
      },
      {
        "date": "2022-06-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202206-2562"
      },
      {
        "date": "2022-07-07T13:15:08.277000",
        "db": "NVD",
        "id": "CVE-2022-32205"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-424132"
      },
      {
        "date": "2023-01-05T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-32205"
      },
      {
        "date": "2023-09-26T06:29:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-015270"
      },
      {
        "date": "2023-06-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202206-2562"
      },
      {
        "date": "2024-03-27T15:01:05.383000",
        "db": "NVD",
        "id": "CVE-2022-32205"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "169318"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2562"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "curl\u00a0 Vulnerability in resource allocation without restrictions or throttling in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-015270"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2562"
      }
    ],
    "trust": 0.6
  }
}

var-202205-1540
Vulnerability from variot

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. BusyBox of BusyBox Products from multiple other vendors contain vulnerabilities related to use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202205-1540",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "scalance sc626-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "scalance sc636-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "busybox",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "busybox",
        "version": "1.35.0"
      },
      {
        "model": "scalance sc642-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "scalance sc622-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "scalance sc632-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "scalance sc646-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "scalance sc-636-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-642-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-622-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-632-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-646-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc626-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "busybox",
        "scope": null,
        "trust": 0.8,
        "vendor": "busybox",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010126"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-30065"
      }
    ]
  },
  "cve": "CVE-2022-30065",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "CVE-2022-30065",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2022-30065",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2022-30065",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-30065",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2022-30065",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202205-3676",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2022-30065",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-30065"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010126"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3676"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-30065"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A use-after-free in Busybox 1.35-x\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. BusyBox of BusyBox Products from multiple other vendors contain vulnerabilities related to use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-30065"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010126"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-30065"
      }
    ],
    "trust": 1.71
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-30065",
        "trust": 3.3
      },
      {
        "db": "SIEMENS",
        "id": "SSA-333517",
        "trust": 2.5
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-349-18",
        "trust": 0.9
      },
      {
        "db": "JVN",
        "id": "JVNVU91561630",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010126",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.6430",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.6310",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.2163",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3676",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-30065",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-30065"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010126"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3676"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-30065"
      }
    ]
  },
  "id": "VAR-202205-1540",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.5566514
  },
  "last_update_date": "2024-11-23T19:43:19.341000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "BusyBox Remediation of resource management error vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=194591"
      },
      {
        "title": "Red Hat: ",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2022-30065"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/Live-Hack-CVE/CVE-2022-30065 "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/KazKobara/dockerfile_fswiki_local "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/isgo-golgo13/gokit-gorillakit-enginesvc "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-30065"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3676"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-416",
        "trust": 1.0
      },
      {
        "problemtype": "Use of freed memory (CWE-416) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010126"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-30065"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "https://bugs.busybox.net/show_bug.cgi?id=14781"
      },
      {
        "trust": 2.5,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91561630/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-30065"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-18"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.2163"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/busybox-reuse-after-free-via-awk-applet-39999"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.6430"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.6310"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-30065/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/416.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2022-30065"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-18"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-30065"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-30065"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010126"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3676"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-30065"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2022-30065"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010126"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3676"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-30065"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-05-18T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-30065"
      },
      {
        "date": "2023-08-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-010126"
      },
      {
        "date": "2022-05-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202205-3676"
      },
      {
        "date": "2022-05-18T15:15:10.240000",
        "db": "NVD",
        "id": "CVE-2022-30065"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-02-11T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-30065"
      },
      {
        "date": "2023-08-10T08:25:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-010126"
      },
      {
        "date": "2023-04-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202205-3676"
      },
      {
        "date": "2024-11-21T07:02:09.397000",
        "db": "NVD",
        "id": "CVE-2022-30065"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3676"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "BusyBox\u00a0 of \u00a0BusyBox\u00a0 Vulnerability related to use of freed memory in products from other vendors",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-010126"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202205-3676"
      }
    ],
    "trust": 0.6
  }
}

var-202212-1134
Vulnerability from variot

Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords. ruggedcom rm1224 lte(4g) eu firmware, ruggedcom rm1224 lte(4g) nam firmware, scalance m804pb Multiple Siemens products, including firmware, contain vulnerabilities related to storing passwords in a recoverable format.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202212-1134",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "scalance xr552-12m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wam766-1 ecc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xm416-4c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr326-2c poe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc642-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance xc224-4c g eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr328-4c wg",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w734-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus net scalance xc206-2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc632-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance w788-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus net scalance xc208",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp208poe eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w738-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xr524-8c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance s615 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance m874-2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xc206-2sfp eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc646-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "ruggedcom rm1224 lte\\ eu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xf204-2bca dna",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc224",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xb208",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2g poe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc224-4c g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w786-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w748-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance w786-2 sfp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216-4c g eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus net scalance xc206-2sfp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wum766-1 6ghz",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp208",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m826-2 shdsl-router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance w778-1 m12 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr528-6m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m876-3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xr326-2c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w778-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w788-2 m12 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xb213-3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wum766-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp216eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc636-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance w788-2 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance mum853-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus net scalance xc216-4c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216-4c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2sfp g eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m804pb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance w774-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w1788-2ia m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr526-8c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2g poe eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216-4c g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w721-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance mum856-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "ruggedcom rm1224 lte\\ nam",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xb205-3ld",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xb216",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m874-3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xf204-2ba",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w1788-2 eec m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xb205-3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w786-2 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc622-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance w761-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216-3g poe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xf204 dna",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance s615",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance wum763-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr324wg",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wam763-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xm408-8c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2sfp g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w774-1 m12 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wam766-1 6ghz",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w786-2ia rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m812-1 adsl-router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance wam766-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w774-1 m12 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xb213-3ld",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xm408-4c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m816-1 adsl-router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance w788-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp208eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w1788-2 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w722-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance w1748-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc208 poe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m876-4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xc206-2sfp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w1788-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc208",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc626-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance xc216eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc208 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp216",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xf204",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp216poe eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance s615 eec",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m812-1 adsl-router",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m876-4",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance s615",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "ruggedcom rm1224 lte eu",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-622-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-636-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "ruggedcom rm1224 lte nam",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m816-1 adsl-router",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance mum856-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m876-3",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc626-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m874-3",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-642-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance mum853-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m826-2 shdsl-router",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m804pb",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-646-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-632-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m874-2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023552"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46142"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3090"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2022-46142",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "author": "productcert@siemens.com",
            "availabilityImpact": "LOW",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.9,
            "id": "CVE-2022-46142",
            "impactScore": 4.7,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 0.9,
            "id": "CVE-2022-46142",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Physical",
            "author": "OTHER",
            "availabilityImpact": "Low",
            "baseScore": 5.7,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2022-023552",
            "impactScore": null,
            "integrityImpact": "Low",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2022-46142",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-46142",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "OTHER",
            "id": "JVNDB-2022-023552",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202212-3090",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023552"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3090"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46142"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46142"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords. ruggedcom rm1224 lte(4g) eu firmware, ruggedcom rm1224 lte(4g) nam firmware, scalance m804pb Multiple Siemens products, including firmware, contain vulnerabilities related to storing passwords in a recoverable format.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-46142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023552"
      }
    ],
    "trust": 1.62
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-46142",
        "trust": 3.2
      },
      {
        "db": "SIEMENS",
        "id": "SSA-413565",
        "trust": 2.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-349-04",
        "trust": 1.4
      },
      {
        "db": "JVN",
        "id": "JVNVU91561630",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023552",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3090",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023552"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3090"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46142"
      }
    ]
  },
  "id": "VAR-202212-1134",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.6398166875
  },
  "last_update_date": "2024-08-14T12:13:17.100000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Siemens part of the product Security vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=218339"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3090"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-257",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-522",
        "trust": 1.0
      },
      {
        "problemtype": "Password storage in recoverable form (CWE-257) [ others ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023552"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46142"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91561630/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-46142"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-04"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-349-04"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-46142/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023552"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3090"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46142"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023552"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3090"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46142"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-11-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-023552"
      },
      {
        "date": "2022-12-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202212-3090"
      },
      {
        "date": "2022-12-13T16:15:25.067000",
        "db": "NVD",
        "id": "CVE-2022-46142"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-11-29T03:03:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-023552"
      },
      {
        "date": "2023-03-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202212-3090"
      },
      {
        "date": "2023-03-14T10:15:24.137000",
        "db": "NVD",
        "id": "CVE-2022-46142"
      }
    ]
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Recoverable password storage vulnerability in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023552"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3090"
      }
    ],
    "trust": 0.6
  }
}

var-202206-1900
Vulnerability from variot

curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors. Haxx of cURL Products from multiple other vendors are vulnerable to resource allocation without limits or throttling.Service operation interruption (DoS) It may be in a state. Harry Sintonen incorrectly handled certain file permissions. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32207). Bugs fixed (https://bugzilla.redhat.com/):

2041540 - RHACM 2.4 using deprecated APIs in managed clusters 2074766 - vSphere network name doesn't allow entering spaces and doesn't reflect YAML changes 2079418 - cluster update status is stuck, also update is not even visible 2088486 - Policy that creates cluster role is showing as not compliant due to Request entity too large message 2089490 - Upgraded from RHACM 2.2-->2.3-->2.4 and cannot create cluster 2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add 2097464 - ACM Console Becomes Unusable After a Time 2100613 - RHACM 2.4.6 images 2102436 - Cluster Pools with conflicting name of existing clusters in same namespace fails creation and deletes existing cluster 2102495 - ManagedClusters in Pending import state after ACM hub migration 2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS 2109354 - CVE-2022-31150 nodejs16: CRLF injection in node-undici 2121396 - CVE-2022-31151 nodejs/undici: Cookie headers uncleared on cross-origin redirect 2124794 - CVE-2022-36067 vm2: Sandbox Escape in vm2

  1. Summary:

OpenShift sandboxed containers 1.3.1 is now available. Description:

OpenShift sandboxed containers support for OpenShift Container Platform provides users with built-in support for running Kata containers as an additional, optional runtime.

Space precludes documenting all of the updates to OpenShift sandboxed containers in this advisory. Solution:

Before applying this update, ensure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):

2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode 2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob 2118556 - CVE-2022-2832 blender: Null pointer reference in blender thumbnail extractor

  1. JIRA issues fixed (https://issues.jboss.org/):

KATA-1751 - CVE-2022-24675 osc-operator-container: golang: encoding/pem: fix stack overflow in Decode [rhosc-1] KATA-1752 - CVE-2022-28327 osc-operator-container: golang: crypto/elliptic: panic caused by oversized scalar [rhosc-1] KATA-1754 - OSC Pod security issue in 4.12 prevents subscribing to operator KATA-1758 - CVE-2022-30632 osc-operator-container: golang: path/filepath: stack exhaustion in Glob [rhosc-1]

  1. Bugs fixed (https://bugzilla.redhat.com/):

2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read 2107374 - CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header 2107383 - CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working

  1. JIRA issues fixed (https://issues.jboss.org/):

LOG-2647 - Add link to log console from pod views LOG-2801 - After upgrade all logs are stored in app indices LOG-2917 - Changing refresh interval throws error when the 'Query' field is empty

  1. Description:

The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.

Security Fix(es):

  • nodejs-url-parse: authorization bypass through user-controlled key (CVE-2022-0512)

  • npm-url-parse: Authorization bypass through user-controlled key (CVE-2022-0686)

  • npm-url-parse: authorization bypass through user-controlled key (CVE-2022-0691)

  • eventsource: Exposure of Sensitive Information (CVE-2022-1650)

  • nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions (CVE-2020-28500)

  • nodejs-lodash: command injection via template (CVE-2021-23337)

  • npm-url-parse: Authorization Bypass Through User-Controlled Key (CVE-2022-0639)

  • golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/):

1928937 - CVE-2021-23337 nodejs-lodash: command injection via template 1928954 - CVE-2020-28500 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions 2054663 - CVE-2022-0512 nodejs-url-parse: authorization bypass through user-controlled key 2057442 - CVE-2022-0639 npm-url-parse: Authorization Bypass Through User-Controlled Key 2060018 - CVE-2022-0686 npm-url-parse: Authorization bypass through user-controlled key 2060020 - CVE-2022-0691 npm-url-parse: authorization bypass through user-controlled key 2085307 - CVE-2022-1650 eventsource: Exposure of Sensitive Information 2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read

  1. These flaws may allow remote attackers to obtain sensitive information, leak authentication or cookie header data or facilitate a denial of service attack.

For the stable distribution (bullseye), these problems have been fixed in version 7.74.0-1.3+deb11u2.

We recommend that you upgrade your curl packages.

For the detailed security status of curl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/curl

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmLoBaNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeTf9A//VWkco2gxCMMe8JDcL9sLD0B5L8KGRxbPBYmpE1l2kCpiW9QGVwCN3q2K i8xo0jmRxSwSXDmAE17aTtGT66vU8vQSHewty031TcvWKBoAJpKRTbazfdOy/vDD waofTEaUClFt3NNiR3gigRU6OFV/9MWlUWwCJ/Wgd5osJTQCyWV/iHz3FJluc1Gp rXamYLnWGUJbIZgMFEo7TqIyb91P0PrX4hpnCcnhvY4ci5NWOj2qaoWGhgF+f9gz Uao91GTOnuTyoY3apKzifdO5dih9zJttnRKUgHkn9YCGxanljoPjHRYOavWdN6bE yIpT/Xw2dy05Fzydb73bDurQP+mkyWGZA+S8gxtbY7S7OylRS9iHSfyUpAVEM/Ab SPkGQl6vBKr7dmyHkdIlbViste6kcmhQQete9E3tM18MkyK0NbBiUj+pShNPC+SF REStal14ZE+DSwFKp5UA8izEh0G5RC5VUVhB/jtoxym2rvmIamk5YqCS1rupGP9R 1Y+Jm8CywBrKHl5EzAVUswC5xDAArWdXRvrgHCeElnkwuCwRC8AgRiYFFRulWKwt TV5qveehnzSc2z5IDc/tdiPWNJhJu/blNN8BauG8zmJV4ZhZP9EO1FCLE7DpqQ38 EPtUTMXaMQR1W15He51auBQwJgSiX1II+5jh6PeZTKBKnJgLYNA= =3E71 -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP1 security update Advisory ID: RHSA-2022:8840-01 Product: Red Hat JBoss Core Services Advisory URL: https://access.redhat.com/errata/RHSA-2022:8840 Issue date: 2022-12-08 CVE Names: CVE-2022-1292 CVE-2022-2068 CVE-2022-22721 CVE-2022-23943 CVE-2022-26377 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-30522 CVE-2022-31813 CVE-2022-32206 CVE-2022-32207 CVE-2022-32208 CVE-2022-32221 CVE-2022-35252 CVE-2022-42915 CVE-2022-42916 ==================================================================== 1. Summary:

An update is now available for Red Hat JBoss Core Services.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

Red Hat JBoss Core Services on RHEL 7 Server - noarch, x86_64 Red Hat JBoss Core Services on RHEL 8 - noarch, x86_64

  1. Description:

Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.

This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

Security Fix(es):

  • curl: HSTS bypass via IDN (CVE-2022-42916)

  • curl: HTTP proxy double-free (CVE-2022-42915)

  • curl: POST following PUT confusion (CVE-2022-32221)

  • httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism (CVE-2022-31813)

  • httpd: mod_sed: DoS vulnerability (CVE-2022-30522)

  • httpd: out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)

  • httpd: out-of-bounds read via ap_rwrite() (CVE-2022-28614)

  • httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)

  • curl: control code in cookie denial of service (CVE-2022-35252)

  • jbcs-httpd24-httpd: httpd: mod_isapi: out-of-bounds read (CVE-2022-28330)

  • curl: Unpreserved file permissions (CVE-2022-32207)

  • curl: various flaws (CVE-2022-32206 CVE-2022-32208)

  • openssl: the c_rehash script allows command injection (CVE-2022-2068)

  • openssl: c_rehash script allows command injection (CVE-2022-1292)

  • jbcs-httpd24-httpd: httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody (CVE-2022-22721)

  • jbcs-httpd24-httpd: httpd: mod_sed: Read/write beyond bounds (CVE-2022-23943)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

  1. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Applications using the APR libraries, such as httpd, must be restarted for this update to take effect. After installing the updated packages, the httpd daemon will be restarted automatically.

  1. Bugs fixed (https://bugzilla.redhat.com/):

2064319 - CVE-2022-23943 httpd: mod_sed: Read/write beyond bounds 2064320 - CVE-2022-22721 httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody 2081494 - CVE-2022-1292 openssl: c_rehash script allows command injection 2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling 2095000 - CVE-2022-28330 httpd: mod_isapi: out-of-bounds read 2095002 - CVE-2022-28614 httpd: Out-of-bounds read via ap_rwrite() 2095006 - CVE-2022-28615 httpd: Out-of-bounds read in ap_strcmp_match() 2095015 - CVE-2022-30522 httpd: mod_sed: DoS vulnerability 2095020 - CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism 2097310 - CVE-2022-2068 openssl: the c_rehash script allows command injection 2099300 - CVE-2022-32206 curl: HTTP compression denial of service 2099305 - CVE-2022-32207 curl: Unpreserved file permissions 2099306 - CVE-2022-32208 curl: FTP-KRB bad message verification 2120718 - CVE-2022-35252 curl: control code in cookie denial of service 2135411 - CVE-2022-32221 curl: POST following PUT confusion 2135413 - CVE-2022-42915 curl: HTTP proxy double-free 2135416 - CVE-2022-42916 curl: HSTS bypass via IDN

  1. Package List:

Red Hat JBoss Core Services on RHEL 7 Server:

Source: jbcs-httpd24-apr-util-1.6.1-99.el7jbcs.src.rpm jbcs-httpd24-curl-7.86.0-2.el7jbcs.src.rpm jbcs-httpd24-httpd-2.4.51-37.el7jbcs.src.rpm jbcs-httpd24-mod_http2-1.15.19-20.el7jbcs.src.rpm jbcs-httpd24-mod_jk-1.2.48-44.redhat_1.el7jbcs.src.rpm jbcs-httpd24-mod_md-2.4.0-18.el7jbcs.src.rpm jbcs-httpd24-mod_proxy_cluster-1.3.17-13.el7jbcs.src.rpm jbcs-httpd24-mod_security-2.9.3-22.el7jbcs.src.rpm jbcs-httpd24-nghttp2-1.43.0-11.el7jbcs.src.rpm jbcs-httpd24-openssl-1.1.1k-13.el7jbcs.src.rpm jbcs-httpd24-openssl-chil-1.0.0-17.el7jbcs.src.rpm jbcs-httpd24-openssl-pkcs11-0.4.10-32.el7jbcs.src.rpm

noarch: jbcs-httpd24-httpd-manual-2.4.51-37.el7jbcs.noarch.rpm

x86_64: jbcs-httpd24-apr-util-1.6.1-99.el7jbcs.x86_64.rpm jbcs-httpd24-apr-util-debuginfo-1.6.1-99.el7jbcs.x86_64.rpm jbcs-httpd24-apr-util-devel-1.6.1-99.el7jbcs.x86_64.rpm jbcs-httpd24-apr-util-ldap-1.6.1-99.el7jbcs.x86_64.rpm jbcs-httpd24-apr-util-mysql-1.6.1-99.el7jbcs.x86_64.rpm jbcs-httpd24-apr-util-nss-1.6.1-99.el7jbcs.x86_64.rpm jbcs-httpd24-apr-util-odbc-1.6.1-99.el7jbcs.x86_64.rpm jbcs-httpd24-apr-util-openssl-1.6.1-99.el7jbcs.x86_64.rpm jbcs-httpd24-apr-util-pgsql-1.6.1-99.el7jbcs.x86_64.rpm jbcs-httpd24-apr-util-sqlite-1.6.1-99.el7jbcs.x86_64.rpm jbcs-httpd24-curl-7.86.0-2.el7jbcs.x86_64.rpm jbcs-httpd24-curl-debuginfo-7.86.0-2.el7jbcs.x86_64.rpm jbcs-httpd24-httpd-2.4.51-37.el7jbcs.x86_64.rpm jbcs-httpd24-httpd-debuginfo-2.4.51-37.el7jbcs.x86_64.rpm jbcs-httpd24-httpd-devel-2.4.51-37.el7jbcs.x86_64.rpm jbcs-httpd24-httpd-selinux-2.4.51-37.el7jbcs.x86_64.rpm jbcs-httpd24-httpd-tools-2.4.51-37.el7jbcs.x86_64.rpm jbcs-httpd24-libcurl-7.86.0-2.el7jbcs.x86_64.rpm jbcs-httpd24-libcurl-devel-7.86.0-2.el7jbcs.x86_64.rpm jbcs-httpd24-mod_http2-1.15.19-20.el7jbcs.x86_64.rpm jbcs-httpd24-mod_http2-debuginfo-1.15.19-20.el7jbcs.x86_64.rpm jbcs-httpd24-mod_jk-ap24-1.2.48-44.redhat_1.el7jbcs.x86_64.rpm jbcs-httpd24-mod_jk-debuginfo-1.2.48-44.redhat_1.el7jbcs.x86_64.rpm jbcs-httpd24-mod_ldap-2.4.51-37.el7jbcs.x86_64.rpm jbcs-httpd24-mod_md-2.4.0-18.el7jbcs.x86_64.rpm jbcs-httpd24-mod_md-debuginfo-2.4.0-18.el7jbcs.x86_64.rpm jbcs-httpd24-mod_proxy_cluster-1.3.17-13.el7jbcs.x86_64.rpm jbcs-httpd24-mod_proxy_cluster-debuginfo-1.3.17-13.el7jbcs.x86_64.rpm jbcs-httpd24-mod_proxy_html-2.4.51-37.el7jbcs.x86_64.rpm jbcs-httpd24-mod_security-2.9.3-22.el7jbcs.x86_64.rpm jbcs-httpd24-mod_security-debuginfo-2.9.3-22.el7jbcs.x86_64.rpm jbcs-httpd24-mod_session-2.4.51-37.el7jbcs.x86_64.rpm jbcs-httpd24-mod_ssl-2.4.51-37.el7jbcs.x86_64.rpm jbcs-httpd24-nghttp2-1.43.0-11.el7jbcs.x86_64.rpm jbcs-httpd24-nghttp2-debuginfo-1.43.0-11.el7jbcs.x86_64.rpm jbcs-httpd24-nghttp2-devel-1.43.0-11.el7jbcs.x86_64.rpm jbcs-httpd24-openssl-1.1.1k-13.el7jbcs.x86_64.rpm jbcs-httpd24-openssl-chil-1.0.0-17.el7jbcs.x86_64.rpm jbcs-httpd24-openssl-chil-debuginfo-1.0.0-17.el7jbcs.x86_64.rpm jbcs-httpd24-openssl-debuginfo-1.1.1k-13.el7jbcs.x86_64.rpm jbcs-httpd24-openssl-devel-1.1.1k-13.el7jbcs.x86_64.rpm jbcs-httpd24-openssl-libs-1.1.1k-13.el7jbcs.x86_64.rpm jbcs-httpd24-openssl-perl-1.1.1k-13.el7jbcs.x86_64.rpm jbcs-httpd24-openssl-pkcs11-0.4.10-32.el7jbcs.x86_64.rpm jbcs-httpd24-openssl-pkcs11-debuginfo-0.4.10-32.el7jbcs.x86_64.rpm jbcs-httpd24-openssl-static-1.1.1k-13.el7jbcs.x86_64.rpm

Red Hat JBoss Core Services on RHEL 8:

Source: jbcs-httpd24-apr-util-1.6.1-99.el8jbcs.src.rpm jbcs-httpd24-curl-7.86.0-2.el8jbcs.src.rpm jbcs-httpd24-httpd-2.4.51-37.el8jbcs.src.rpm jbcs-httpd24-mod_http2-1.15.19-20.el8jbcs.src.rpm jbcs-httpd24-mod_jk-1.2.48-44.redhat_1.el8jbcs.src.rpm jbcs-httpd24-mod_md-2.4.0-18.el8jbcs.src.rpm jbcs-httpd24-mod_proxy_cluster-1.3.17-13.el8jbcs.src.rpm jbcs-httpd24-mod_security-2.9.3-22.el8jbcs.src.rpm jbcs-httpd24-nghttp2-1.43.0-11.el8jbcs.src.rpm jbcs-httpd24-openssl-1.1.1k-13.el8jbcs.src.rpm jbcs-httpd24-openssl-chil-1.0.0-17.el8jbcs.src.rpm jbcs-httpd24-openssl-pkcs11-0.4.10-32.el8jbcs.src.rpm

noarch: jbcs-httpd24-httpd-manual-2.4.51-37.el8jbcs.noarch.rpm

x86_64: jbcs-httpd24-apr-util-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-devel-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-ldap-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-ldap-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-mysql-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-mysql-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-nss-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-nss-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-odbc-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-odbc-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-openssl-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-openssl-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-pgsql-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-pgsql-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-sqlite-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-apr-util-sqlite-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm jbcs-httpd24-curl-7.86.0-2.el8jbcs.x86_64.rpm jbcs-httpd24-curl-debuginfo-7.86.0-2.el8jbcs.x86_64.rpm jbcs-httpd24-httpd-2.4.51-37.el8jbcs.x86_64.rpm jbcs-httpd24-httpd-debuginfo-2.4.51-37.el8jbcs.x86_64.rpm jbcs-httpd24-httpd-devel-2.4.51-37.el8jbcs.x86_64.rpm jbcs-httpd24-httpd-selinux-2.4.51-37.el8jbcs.x86_64.rpm jbcs-httpd24-httpd-tools-2.4.51-37.el8jbcs.x86_64.rpm jbcs-httpd24-httpd-tools-debuginfo-2.4.51-37.el8jbcs.x86_64.rpm jbcs-httpd24-libcurl-7.86.0-2.el8jbcs.x86_64.rpm jbcs-httpd24-libcurl-debuginfo-7.86.0-2.el8jbcs.x86_64.rpm jbcs-httpd24-libcurl-devel-7.86.0-2.el8jbcs.x86_64.rpm jbcs-httpd24-mod_http2-1.15.19-20.el8jbcs.x86_64.rpm jbcs-httpd24-mod_http2-debuginfo-1.15.19-20.el8jbcs.x86_64.rpm jbcs-httpd24-mod_jk-ap24-1.2.48-44.redhat_1.el8jbcs.x86_64.rpm jbcs-httpd24-mod_jk-ap24-debuginfo-1.2.48-44.redhat_1.el8jbcs.x86_64.rpm jbcs-httpd24-mod_ldap-2.4.51-37.el8jbcs.x86_64.rpm jbcs-httpd24-mod_ldap-debuginfo-2.4.51-37.el8jbcs.x86_64.rpm jbcs-httpd24-mod_md-2.4.0-18.el8jbcs.x86_64.rpm jbcs-httpd24-mod_md-debuginfo-2.4.0-18.el8jbcs.x86_64.rpm jbcs-httpd24-mod_proxy_cluster-1.3.17-13.el8jbcs.x86_64.rpm jbcs-httpd24-mod_proxy_cluster-debuginfo-1.3.17-13.el8jbcs.x86_64.rpm jbcs-httpd24-mod_proxy_html-2.4.51-37.el8jbcs.x86_64.rpm jbcs-httpd24-mod_proxy_html-debuginfo-2.4.51-37.el8jbcs.x86_64.rpm jbcs-httpd24-mod_security-2.9.3-22.el8jbcs.x86_64.rpm jbcs-httpd24-mod_security-debuginfo-2.9.3-22.el8jbcs.x86_64.rpm jbcs-httpd24-mod_session-2.4.51-37.el8jbcs.x86_64.rpm jbcs-httpd24-mod_session-debuginfo-2.4.51-37.el8jbcs.x86_64.rpm jbcs-httpd24-mod_ssl-2.4.51-37.el8jbcs.x86_64.rpm jbcs-httpd24-mod_ssl-debuginfo-2.4.51-37.el8jbcs.x86_64.rpm jbcs-httpd24-nghttp2-1.43.0-11.el8jbcs.x86_64.rpm jbcs-httpd24-nghttp2-debuginfo-1.43.0-11.el8jbcs.x86_64.rpm jbcs-httpd24-nghttp2-devel-1.43.0-11.el8jbcs.x86_64.rpm jbcs-httpd24-openssl-1.1.1k-13.el8jbcs.x86_64.rpm jbcs-httpd24-openssl-chil-1.0.0-17.el8jbcs.x86_64.rpm jbcs-httpd24-openssl-chil-debuginfo-1.0.0-17.el8jbcs.x86_64.rpm jbcs-httpd24-openssl-debuginfo-1.1.1k-13.el8jbcs.x86_64.rpm jbcs-httpd24-openssl-devel-1.1.1k-13.el8jbcs.x86_64.rpm jbcs-httpd24-openssl-libs-1.1.1k-13.el8jbcs.x86_64.rpm jbcs-httpd24-openssl-libs-debuginfo-1.1.1k-13.el8jbcs.x86_64.rpm jbcs-httpd24-openssl-perl-1.1.1k-13.el8jbcs.x86_64.rpm jbcs-httpd24-openssl-pkcs11-0.4.10-32.el8jbcs.x86_64.rpm jbcs-httpd24-openssl-pkcs11-debuginfo-0.4.10-32.el8jbcs.x86_64.rpm jbcs-httpd24-openssl-static-1.1.1k-13.el8jbcs.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2022-1292 https://access.redhat.com/security/cve/CVE-2022-2068 https://access.redhat.com/security/cve/CVE-2022-22721 https://access.redhat.com/security/cve/CVE-2022-23943 https://access.redhat.com/security/cve/CVE-2022-26377 https://access.redhat.com/security/cve/CVE-2022-28330 https://access.redhat.com/security/cve/CVE-2022-28614 https://access.redhat.com/security/cve/CVE-2022-28615 https://access.redhat.com/security/cve/CVE-2022-30522 https://access.redhat.com/security/cve/CVE-2022-31813 https://access.redhat.com/security/cve/CVE-2022-32206 https://access.redhat.com/security/cve/CVE-2022-32207 https://access.redhat.com/security/cve/CVE-2022-32208 https://access.redhat.com/security/cve/CVE-2022-32221 https://access.redhat.com/security/cve/CVE-2022-35252 https://access.redhat.com/security/cve/CVE-2022-42915 https://access.redhat.com/security/cve/CVE-2022-42916 https://access.redhat.com/security/updates/classification/#moderate

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iQIVAwUBY5ISE9zjgjWX9erEAQixuA//dX5Q3wtu2MRvrjD/sK/r6dqBz4fWWhS9 ws2A8cRa5ki3RlCaYQ3pP7LkRtIdankAP3HG1NU4er/odsMEW5aEgku+5foV7w4M WEd0USLKs3Pw5a7/3TjOBUf5CA7oet03C7/u9idWaLD/ip4UMhskSnz33qFQSFZf FAWNdsRhH8+ql6qFMg9Odv5RFX3i2+wBy5pC69Akr2FBEt9j+/PbvSPWuPD26n6H 0l+QUKrI3OW1EHzz+S/8aEfTFKLluXfhVJn61wdA8Kjs4ZKrnBz8czJjxn4hOi7a z0tpzg5d1BJEf/UB7EdyyLBGRIliWhf978qtG8QS37GEgnQSof2xgcfu1NGiHl9j ypCqX1R4oOkeoISynnZUKWZ1uFp5GkMiRtPu0Bw7WYB6z/8OWZce4yIqh1rcG09d NcyleabDtpJ7C3BJQzpnhXAWjri7oJ6wHBvcbQ9sLj2xkQRX2Zpi0KJGIH8iLwdn Ik+RIZ7u/mXeW3ulcwiQTPYbTQLWGXqgZV1qxJq91HIcu+y3STQwZjb4fZuqjH5M onO/rF2y50l9LqArg/v9KAJUbHSKMDP6r7Dx02J+iKjW3g7NczoImrU7JcyAgce9 mCN7gMmU9bQx1tagIKcKKW5IVN/jHyWKJW/t0teoaECsa2LMgoEIt+6RcmQXWpdF 6t6oQh+b3NY=UGfz -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Summary:

Red Hat Advanced Cluster Management for Kubernetes 2.5.2 General Availability release images, which fix security issues and bugs. Description:

Red Hat Advanced Cluster Management for Kubernetes 2.5.2 images

Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in.

This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. See the following Release Notes documentation, which will be updated shortly for this release, for additional details about this release:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html/release_notes/

Security fixes:

  • moment: inefficient parsing algorithim resulting in DoS (CVE-2022-31129)
  • vm2: Sandbox Escape in vm2 (CVE-2022-36067)

Bug fixes:

  • Submariner Globalnet e2e tests failed on MTU between On-Prem to Public clusters (BZ# 2074547)

  • OCP 4.11 - Install fails because of: pods "management-ingress-63029-5cf6789dd6-" is forbidden: unable to validate against any security context constrain (BZ# 2082254)

  • subctl gather fails to gather libreswan data if CableDriver field is missing/empty in Submariner Spec (BZ# 2083659)

  • Yaml editor for creating vSphere cluster moves to next line after typing (BZ# 2086883)

  • Submariner addon status doesn't track all deployment failures (BZ# 2090311)

  • Unable to deploy Hypershift operator on MCE hub using ManagedClusterAddOn without including s3 secret (BZ# 2091170)

  • After switching to ACM 2.5 the managed clusters log "unable to create ClusterClaim" errors (BZ# 2095481)

  • Enforce failed and report the violation after modified memory value in limitrange policy (BZ# 2100036)

  • Creating an application fails with "This application has no subscription match selector (spec.selector.matchExpressions)" (BZ# 2101577)

  • Inconsistent cluster resource statuses between "All Subscription" topology and individual topologies (BZ# 2102273)

  • managed cluster is in "unknown" state for 120 mins after OADP restore

  • RHACM 2.5.2 images (BZ# 2104553)

  • Subscription UI does not allow binding to label with empty value (BZ# 2104961)

  • Upgrade to 2.5.1 from 2.5.0 fails due to missing Subscription CRD (BZ# 2106069)

  • Region information is not available for Azure cloud in managedcluster CR (BZ# 2107134)

  • cluster uninstall log points to incorrect container name (BZ# 2107359)

  • ACM shows wrong path for Argo CD applicationset git generator (BZ# 2107885)

  • Single node checkbox not visible for 4.11 images (BZ# 2109134)

  • Unable to deploy hypershift cluster when enabling validate-cluster-security (BZ# 2109544)

  • Deletion of Application (including app related resources) from the console fails to delete PlacementRule for the application (BZ# 20110026)

  • After the creation by a policy of job or deployment (in case the object is missing)ACM is trying to add new containers instead of updating (BZ# 2117728)

  • pods in CrashLoopBackoff on 3.11 managed cluster (BZ# 2122292)

  • ArgoCD and AppSet Applications do not deploy to local-cluster (BZ# 2124707)

  • Solution:

For Red Hat Advanced Cluster Management for Kubernetes, see the following documentation, which will be updated shortly for this release, for important instructions about installing this release:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html-single/install/index#installing

  1. Bugs fixed (https://bugzilla.redhat.com/):

2074547 - Submariner Globalnet e2e tests failed on MTU between On-Prem to Public clusters 2082254 - OCP 4.11 - Install fails because of: pods "management-ingress-63029-5cf6789dd6-" is forbidden: unable to validate against any security context constraint 2083659 - subctl gather fails to gather libreswan data if CableDriver field is missing/empty in Submariner Spec 2086883 - Yaml editor for creating vSphere cluster moves to next line after typing 2090311 - Submariner addon status doesn't track all deployment failures 2091170 - Unable to deploy Hypershift operator on MCE hub using ManagedClusterAddOn without including s3 secret 2095481 - After switching to ACM 2.5 the managed clusters log "unable to create ClusterClaim" errors 2100036 - Enforce failed and report the violation after modified memory value in limitrange policy 2101577 - Creating an application fails with "This application has no subscription match selector (spec.selector.matchExpressions)" 2102273 - Inconsistent cluster resource statuses between "All Subscription" topology and individual topologies 2103653 - managed cluster is in "unknown" state for 120 mins after OADP restore 2104553 - RHACM 2.5.2 images 2104961 - Subscription UI does not allow binding to label with empty value 2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS 2106069 - Upgrade to 2.5.1 from 2.5.0 fails due to missing Subscription CRD 2107134 - Region information is not available for Azure cloud in managedcluster CR 2107359 - cluster uninstall log points to incorrect container name 2107885 - ACM shows wrong path for Argo CD applicationset git generator 2109134 - Single node checkbox not visible for 4.11 images 2110026 - Deletion of Application (including app related resources) from the console fails to delete PlacementRule for the application 2117728 - After the creation by a policy of job or deployment (in case the object is missing)ACM is trying to add new containers instead of updating 2122292 - pods in CrashLoopBackoff on 3.11 managed cluster 2124707 - ArgoCD and AppSet Applications do not deploy to local-cluster 2124794 - CVE-2022-36067 vm2: Sandbox Escape in vm2

5

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202206-1900",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "scalance sc646-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "h300s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "h410s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "solidfire",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "scalance sc636-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "bootstrap os",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "universal forwarder",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "splunk",
        "version": "9.1.0"
      },
      {
        "model": "h700s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "element software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "universal forwarder",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "splunk",
        "version": "8.2.12"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "35"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "11.0"
      },
      {
        "model": "scalance sc642-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "universal forwarder",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "splunk",
        "version": "9.0.6"
      },
      {
        "model": "curl",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "haxx",
        "version": "7.84.0"
      },
      {
        "model": "scalance sc622-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "scalance sc632-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "universal forwarder",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "splunk",
        "version": "9.0.0"
      },
      {
        "model": "hci management node",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "10.0"
      },
      {
        "model": "scalance sc626-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "clustered data ontap",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "h500s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "universal forwarder",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "splunk",
        "version": "8.2.0"
      },
      {
        "model": "scalance sc-642-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "h410s",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "scalance sc-632-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "clustered data ontap",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "scalance sc-636-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "curl",
        "scope": null,
        "trust": 0.8,
        "vendor": "haxx",
        "version": null
      },
      {
        "model": "hci management node",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "fedora",
        "scope": null,
        "trust": 0.8,
        "vendor": "fedora",
        "version": null
      },
      {
        "model": "bootstrap os",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "h700s",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "h500s",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "scalance sc626-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-646-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-622-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "solidfire",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "h300s",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "gnu/linux",
        "scope": null,
        "trust": 0.8,
        "vendor": "debian",
        "version": null
      },
      {
        "model": "element software",
        "scope": null,
        "trust": 0.8,
        "vendor": "netapp",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012769"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-32206"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Red Hat",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "168538"
      },
      {
        "db": "PACKETSTORM",
        "id": "169443"
      },
      {
        "db": "PACKETSTORM",
        "id": "168275"
      },
      {
        "db": "PACKETSTORM",
        "id": "168352"
      },
      {
        "db": "PACKETSTORM",
        "id": "170166"
      },
      {
        "db": "PACKETSTORM",
        "id": "168378"
      },
      {
        "db": "PACKETSTORM",
        "id": "168284"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2022-32206",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2022-32206",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2022-32206",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2022-32206",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-32206",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2022-32206",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202206-2565",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012769"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2565"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-32206"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "curl \u003c 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors. Haxx of cURL Products from multiple other vendors are vulnerable to resource allocation without limits or throttling.Service operation interruption (DoS) It may be in a state. Harry Sintonen incorrectly handled certain file permissions. \nAn attacker could possibly use this issue to expose sensitive information. \nThis issue only affected Ubuntu 21.10, and Ubuntu 22.04 LTS. (CVE-2022-32207). Bugs fixed (https://bugzilla.redhat.com/):\n\n2041540 - RHACM 2.4 using deprecated APIs in managed clusters\n2074766 - vSphere network name doesn\u0027t allow entering spaces and doesn\u0027t reflect YAML changes\n2079418 - cluster update status is stuck, also update is not even visible\n2088486 - Policy that creates cluster role is showing as not compliant due to Request entity too large message\n2089490 - Upgraded from RHACM 2.2--\u003e2.3--\u003e2.4 and cannot create cluster\n2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add\n2097464 - ACM Console Becomes Unusable After a Time\n2100613 - RHACM 2.4.6 images\n2102436 - Cluster Pools with conflicting name of existing clusters in same namespace fails creation and deletes existing cluster\n2102495 - ManagedClusters in Pending import state after ACM hub migration\n2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS\n2109354 - CVE-2022-31150 nodejs16: CRLF injection in node-undici\n2121396 - CVE-2022-31151 nodejs/undici: Cookie headers uncleared on cross-origin redirect\n2124794 - CVE-2022-36067 vm2:  Sandbox Escape in vm2\n\n5. Summary:\n\nOpenShift sandboxed containers 1.3.1 is now available. Description:\n\nOpenShift sandboxed containers support for OpenShift Container Platform\nprovides users with built-in support for running Kata containers as an\nadditional, optional runtime. \n\nSpace precludes documenting all of the updates to OpenShift sandboxed\ncontainers in this advisory. Solution:\n\nBefore applying this update, ensure all previously released errata relevant\nto your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):\n\n2077688 - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode\n2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob\n2118556 - CVE-2022-2832 blender: Null pointer reference in blender thumbnail extractor\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nKATA-1751 - CVE-2022-24675 osc-operator-container: golang: encoding/pem: fix stack overflow in Decode [rhosc-1]\nKATA-1752 - CVE-2022-28327 osc-operator-container: golang: crypto/elliptic: panic caused by oversized scalar [rhosc-1]\nKATA-1754 - OSC Pod security issue in 4.12 prevents subscribing to operator\nKATA-1758 - CVE-2022-30632 osc-operator-container: golang: path/filepath: stack exhaustion in Glob [rhosc-1]\n\n6. Bugs fixed (https://bugzilla.redhat.com/):\n\n2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read\n2107374 - CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header\n2107383 - CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nLOG-2647 - Add link to log console from pod views\nLOG-2801 - After upgrade all logs are stored in app indices\nLOG-2917 - Changing refresh interval throws error when the \u0027Query\u0027 field is empty\n\n6. Description:\n\nThe Migration Toolkit for Containers (MTC) enables you to migrate\nKubernetes resources, persistent volume data, and internal container images\nbetween OpenShift Container Platform clusters, using the MTC web console or\nthe Kubernetes API. \n\nSecurity Fix(es):\n\n* nodejs-url-parse: authorization bypass through user-controlled key\n(CVE-2022-0512)\n\n* npm-url-parse: Authorization bypass through user-controlled key\n(CVE-2022-0686)\n\n* npm-url-parse: authorization bypass through user-controlled key\n(CVE-2022-0691)\n\n* eventsource: Exposure of Sensitive Information (CVE-2022-1650)\n\n* nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions\n(CVE-2020-28500)\n\n* nodejs-lodash: command injection via template (CVE-2021-23337)\n\n* npm-url-parse: Authorization Bypass Through User-Controlled Key\n(CVE-2022-0639)\n\n* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. Bugs fixed (https://bugzilla.redhat.com/):\n\n1928937 - CVE-2021-23337 nodejs-lodash: command injection via template\n1928954 - CVE-2020-28500 nodejs-lodash: ReDoS via the toNumber, trim and trimEnd functions\n2054663 - CVE-2022-0512 nodejs-url-parse: authorization bypass through user-controlled key\n2057442 - CVE-2022-0639 npm-url-parse: Authorization Bypass Through User-Controlled Key\n2060018 - CVE-2022-0686 npm-url-parse: Authorization bypass through user-controlled key\n2060020 - CVE-2022-0691 npm-url-parse: authorization bypass through user-controlled key\n2085307 - CVE-2022-1650 eventsource: Exposure of Sensitive Information\n2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read\n\n5. These flaws may allow remote attackers to obtain sensitive\ninformation, leak authentication or cookie header data or facilitate a\ndenial of service attack. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 7.74.0-1.3+deb11u2. \n\nWe recommend that you upgrade your curl packages. \n\nFor the detailed security status of curl please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/curl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmLoBaNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD\nRjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7\nUeTf9A//VWkco2gxCMMe8JDcL9sLD0B5L8KGRxbPBYmpE1l2kCpiW9QGVwCN3q2K\ni8xo0jmRxSwSXDmAE17aTtGT66vU8vQSHewty031TcvWKBoAJpKRTbazfdOy/vDD\nwaofTEaUClFt3NNiR3gigRU6OFV/9MWlUWwCJ/Wgd5osJTQCyWV/iHz3FJluc1Gp\nrXamYLnWGUJbIZgMFEo7TqIyb91P0PrX4hpnCcnhvY4ci5NWOj2qaoWGhgF+f9gz\nUao91GTOnuTyoY3apKzifdO5dih9zJttnRKUgHkn9YCGxanljoPjHRYOavWdN6bE\nyIpT/Xw2dy05Fzydb73bDurQP+mkyWGZA+S8gxtbY7S7OylRS9iHSfyUpAVEM/Ab\nSPkGQl6vBKr7dmyHkdIlbViste6kcmhQQete9E3tM18MkyK0NbBiUj+pShNPC+SF\nREStal14ZE+DSwFKp5UA8izEh0G5RC5VUVhB/jtoxym2rvmIamk5YqCS1rupGP9R\n1Y+Jm8CywBrKHl5EzAVUswC5xDAArWdXRvrgHCeElnkwuCwRC8AgRiYFFRulWKwt\nTV5qveehnzSc2z5IDc/tdiPWNJhJu/blNN8BauG8zmJV4ZhZP9EO1FCLE7DpqQ38\nEPtUTMXaMQR1W15He51auBQwJgSiX1II+5jh6PeZTKBKnJgLYNA=\n=3E71\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n====================================================================                   \nRed Hat Security Advisory\n\nSynopsis:          Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP1 security update\nAdvisory ID:       RHSA-2022:8840-01\nProduct:           Red Hat JBoss Core Services\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2022:8840\nIssue date:        2022-12-08\nCVE Names:         CVE-2022-1292 CVE-2022-2068 CVE-2022-22721\n                   CVE-2022-23943 CVE-2022-26377 CVE-2022-28330\n                   CVE-2022-28614 CVE-2022-28615 CVE-2022-30522\n                   CVE-2022-31813 CVE-2022-32206 CVE-2022-32207\n                   CVE-2022-32208 CVE-2022-32221 CVE-2022-35252\n                   CVE-2022-42915 CVE-2022-42916\n====================================================================\n1. Summary:\n\nAn update is now available for Red Hat JBoss Core Services. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat JBoss Core Services on RHEL 7 Server - noarch, x86_64\nRed Hat JBoss Core Services on RHEL 8 - noarch, x86_64\n\n3. Description:\n\nRed Hat JBoss Core Services is a set of supplementary software for Red Hat\nJBoss middleware products. This software, such as Apache HTTP Server, is\ncommon to multiple JBoss middleware products, and is packaged under Red Hat\nJBoss Core Services to allow for faster distribution of updates, and for a\nmore consistent update experience. \n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51\nService Pack 1 serves as a replacement for Red Hat JBoss Core Services\nApache HTTP Server 2.4.51, and includes bug fixes and enhancements, which\nare documented in the Release Notes document linked to in the References. \n\nSecurity Fix(es):\n\n* curl: HSTS bypass via IDN (CVE-2022-42916)\n\n* curl: HTTP proxy double-free (CVE-2022-42915)\n\n* curl: POST following PUT confusion (CVE-2022-32221)\n\n* httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism\n(CVE-2022-31813)\n\n* httpd: mod_sed: DoS vulnerability (CVE-2022-30522)\n\n* httpd: out-of-bounds read in ap_strcmp_match() (CVE-2022-28615)\n\n* httpd: out-of-bounds read via ap_rwrite() (CVE-2022-28614)\n\n* httpd: mod_proxy_ajp: Possible request smuggling (CVE-2022-26377)\n\n* curl: control code in cookie denial of service (CVE-2022-35252)\n\n* jbcs-httpd24-httpd: httpd: mod_isapi: out-of-bounds read (CVE-2022-28330)\n\n* curl: Unpreserved file permissions (CVE-2022-32207)\n\n* curl: various flaws (CVE-2022-32206 CVE-2022-32208)\n\n* openssl: the c_rehash script allows command injection (CVE-2022-2068)\n\n* openssl: c_rehash script allows command injection (CVE-2022-1292)\n\n* jbcs-httpd24-httpd: httpd: core: Possible buffer overflow with very large\nor unlimited LimitXMLRequestBody (CVE-2022-22721)\n\n* jbcs-httpd24-httpd: httpd: mod_sed: Read/write beyond bounds\n(CVE-2022-23943)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nApplications using the APR libraries, such as httpd, must be restarted for\nthis update to take effect. After installing the updated packages, the\nhttpd daemon will be restarted automatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2064319 - CVE-2022-23943 httpd: mod_sed: Read/write beyond bounds\n2064320 - CVE-2022-22721 httpd: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody\n2081494 - CVE-2022-1292 openssl: c_rehash script allows command injection\n2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request smuggling\n2095000 - CVE-2022-28330 httpd: mod_isapi: out-of-bounds read\n2095002 - CVE-2022-28614 httpd: Out-of-bounds read via ap_rwrite()\n2095006 - CVE-2022-28615 httpd: Out-of-bounds read in ap_strcmp_match()\n2095015 - CVE-2022-30522 httpd: mod_sed: DoS vulnerability\n2095020 - CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped by hop-by-hop mechanism\n2097310 - CVE-2022-2068 openssl: the c_rehash script allows command injection\n2099300 - CVE-2022-32206 curl: HTTP compression denial of service\n2099305 - CVE-2022-32207 curl: Unpreserved file permissions\n2099306 - CVE-2022-32208 curl: FTP-KRB bad message verification\n2120718 - CVE-2022-35252 curl: control code in cookie denial of service\n2135411 - CVE-2022-32221 curl: POST following PUT confusion\n2135413 - CVE-2022-42915 curl: HTTP proxy double-free\n2135416 - CVE-2022-42916 curl: HSTS bypass via IDN\n\n6. Package List:\n\nRed Hat JBoss Core Services on RHEL 7 Server:\n\nSource:\njbcs-httpd24-apr-util-1.6.1-99.el7jbcs.src.rpm\njbcs-httpd24-curl-7.86.0-2.el7jbcs.src.rpm\njbcs-httpd24-httpd-2.4.51-37.el7jbcs.src.rpm\njbcs-httpd24-mod_http2-1.15.19-20.el7jbcs.src.rpm\njbcs-httpd24-mod_jk-1.2.48-44.redhat_1.el7jbcs.src.rpm\njbcs-httpd24-mod_md-2.4.0-18.el7jbcs.src.rpm\njbcs-httpd24-mod_proxy_cluster-1.3.17-13.el7jbcs.src.rpm\njbcs-httpd24-mod_security-2.9.3-22.el7jbcs.src.rpm\njbcs-httpd24-nghttp2-1.43.0-11.el7jbcs.src.rpm\njbcs-httpd24-openssl-1.1.1k-13.el7jbcs.src.rpm\njbcs-httpd24-openssl-chil-1.0.0-17.el7jbcs.src.rpm\njbcs-httpd24-openssl-pkcs11-0.4.10-32.el7jbcs.src.rpm\n\nnoarch:\njbcs-httpd24-httpd-manual-2.4.51-37.el7jbcs.noarch.rpm\n\nx86_64:\njbcs-httpd24-apr-util-1.6.1-99.el7jbcs.x86_64.rpm\njbcs-httpd24-apr-util-debuginfo-1.6.1-99.el7jbcs.x86_64.rpm\njbcs-httpd24-apr-util-devel-1.6.1-99.el7jbcs.x86_64.rpm\njbcs-httpd24-apr-util-ldap-1.6.1-99.el7jbcs.x86_64.rpm\njbcs-httpd24-apr-util-mysql-1.6.1-99.el7jbcs.x86_64.rpm\njbcs-httpd24-apr-util-nss-1.6.1-99.el7jbcs.x86_64.rpm\njbcs-httpd24-apr-util-odbc-1.6.1-99.el7jbcs.x86_64.rpm\njbcs-httpd24-apr-util-openssl-1.6.1-99.el7jbcs.x86_64.rpm\njbcs-httpd24-apr-util-pgsql-1.6.1-99.el7jbcs.x86_64.rpm\njbcs-httpd24-apr-util-sqlite-1.6.1-99.el7jbcs.x86_64.rpm\njbcs-httpd24-curl-7.86.0-2.el7jbcs.x86_64.rpm\njbcs-httpd24-curl-debuginfo-7.86.0-2.el7jbcs.x86_64.rpm\njbcs-httpd24-httpd-2.4.51-37.el7jbcs.x86_64.rpm\njbcs-httpd24-httpd-debuginfo-2.4.51-37.el7jbcs.x86_64.rpm\njbcs-httpd24-httpd-devel-2.4.51-37.el7jbcs.x86_64.rpm\njbcs-httpd24-httpd-selinux-2.4.51-37.el7jbcs.x86_64.rpm\njbcs-httpd24-httpd-tools-2.4.51-37.el7jbcs.x86_64.rpm\njbcs-httpd24-libcurl-7.86.0-2.el7jbcs.x86_64.rpm\njbcs-httpd24-libcurl-devel-7.86.0-2.el7jbcs.x86_64.rpm\njbcs-httpd24-mod_http2-1.15.19-20.el7jbcs.x86_64.rpm\njbcs-httpd24-mod_http2-debuginfo-1.15.19-20.el7jbcs.x86_64.rpm\njbcs-httpd24-mod_jk-ap24-1.2.48-44.redhat_1.el7jbcs.x86_64.rpm\njbcs-httpd24-mod_jk-debuginfo-1.2.48-44.redhat_1.el7jbcs.x86_64.rpm\njbcs-httpd24-mod_ldap-2.4.51-37.el7jbcs.x86_64.rpm\njbcs-httpd24-mod_md-2.4.0-18.el7jbcs.x86_64.rpm\njbcs-httpd24-mod_md-debuginfo-2.4.0-18.el7jbcs.x86_64.rpm\njbcs-httpd24-mod_proxy_cluster-1.3.17-13.el7jbcs.x86_64.rpm\njbcs-httpd24-mod_proxy_cluster-debuginfo-1.3.17-13.el7jbcs.x86_64.rpm\njbcs-httpd24-mod_proxy_html-2.4.51-37.el7jbcs.x86_64.rpm\njbcs-httpd24-mod_security-2.9.3-22.el7jbcs.x86_64.rpm\njbcs-httpd24-mod_security-debuginfo-2.9.3-22.el7jbcs.x86_64.rpm\njbcs-httpd24-mod_session-2.4.51-37.el7jbcs.x86_64.rpm\njbcs-httpd24-mod_ssl-2.4.51-37.el7jbcs.x86_64.rpm\njbcs-httpd24-nghttp2-1.43.0-11.el7jbcs.x86_64.rpm\njbcs-httpd24-nghttp2-debuginfo-1.43.0-11.el7jbcs.x86_64.rpm\njbcs-httpd24-nghttp2-devel-1.43.0-11.el7jbcs.x86_64.rpm\njbcs-httpd24-openssl-1.1.1k-13.el7jbcs.x86_64.rpm\njbcs-httpd24-openssl-chil-1.0.0-17.el7jbcs.x86_64.rpm\njbcs-httpd24-openssl-chil-debuginfo-1.0.0-17.el7jbcs.x86_64.rpm\njbcs-httpd24-openssl-debuginfo-1.1.1k-13.el7jbcs.x86_64.rpm\njbcs-httpd24-openssl-devel-1.1.1k-13.el7jbcs.x86_64.rpm\njbcs-httpd24-openssl-libs-1.1.1k-13.el7jbcs.x86_64.rpm\njbcs-httpd24-openssl-perl-1.1.1k-13.el7jbcs.x86_64.rpm\njbcs-httpd24-openssl-pkcs11-0.4.10-32.el7jbcs.x86_64.rpm\njbcs-httpd24-openssl-pkcs11-debuginfo-0.4.10-32.el7jbcs.x86_64.rpm\njbcs-httpd24-openssl-static-1.1.1k-13.el7jbcs.x86_64.rpm\n\nRed Hat JBoss Core Services on RHEL 8:\n\nSource:\njbcs-httpd24-apr-util-1.6.1-99.el8jbcs.src.rpm\njbcs-httpd24-curl-7.86.0-2.el8jbcs.src.rpm\njbcs-httpd24-httpd-2.4.51-37.el8jbcs.src.rpm\njbcs-httpd24-mod_http2-1.15.19-20.el8jbcs.src.rpm\njbcs-httpd24-mod_jk-1.2.48-44.redhat_1.el8jbcs.src.rpm\njbcs-httpd24-mod_md-2.4.0-18.el8jbcs.src.rpm\njbcs-httpd24-mod_proxy_cluster-1.3.17-13.el8jbcs.src.rpm\njbcs-httpd24-mod_security-2.9.3-22.el8jbcs.src.rpm\njbcs-httpd24-nghttp2-1.43.0-11.el8jbcs.src.rpm\njbcs-httpd24-openssl-1.1.1k-13.el8jbcs.src.rpm\njbcs-httpd24-openssl-chil-1.0.0-17.el8jbcs.src.rpm\njbcs-httpd24-openssl-pkcs11-0.4.10-32.el8jbcs.src.rpm\n\nnoarch:\njbcs-httpd24-httpd-manual-2.4.51-37.el8jbcs.noarch.rpm\n\nx86_64:\njbcs-httpd24-apr-util-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-devel-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-ldap-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-ldap-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-mysql-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-mysql-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-nss-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-nss-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-odbc-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-odbc-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-openssl-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-openssl-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-pgsql-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-pgsql-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-sqlite-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-apr-util-sqlite-debuginfo-1.6.1-99.el8jbcs.x86_64.rpm\njbcs-httpd24-curl-7.86.0-2.el8jbcs.x86_64.rpm\njbcs-httpd24-curl-debuginfo-7.86.0-2.el8jbcs.x86_64.rpm\njbcs-httpd24-httpd-2.4.51-37.el8jbcs.x86_64.rpm\njbcs-httpd24-httpd-debuginfo-2.4.51-37.el8jbcs.x86_64.rpm\njbcs-httpd24-httpd-devel-2.4.51-37.el8jbcs.x86_64.rpm\njbcs-httpd24-httpd-selinux-2.4.51-37.el8jbcs.x86_64.rpm\njbcs-httpd24-httpd-tools-2.4.51-37.el8jbcs.x86_64.rpm\njbcs-httpd24-httpd-tools-debuginfo-2.4.51-37.el8jbcs.x86_64.rpm\njbcs-httpd24-libcurl-7.86.0-2.el8jbcs.x86_64.rpm\njbcs-httpd24-libcurl-debuginfo-7.86.0-2.el8jbcs.x86_64.rpm\njbcs-httpd24-libcurl-devel-7.86.0-2.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_http2-1.15.19-20.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_http2-debuginfo-1.15.19-20.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_jk-ap24-1.2.48-44.redhat_1.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_jk-ap24-debuginfo-1.2.48-44.redhat_1.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_ldap-2.4.51-37.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_ldap-debuginfo-2.4.51-37.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_md-2.4.0-18.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_md-debuginfo-2.4.0-18.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_proxy_cluster-1.3.17-13.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_proxy_cluster-debuginfo-1.3.17-13.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_proxy_html-2.4.51-37.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_proxy_html-debuginfo-2.4.51-37.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_security-2.9.3-22.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_security-debuginfo-2.9.3-22.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_session-2.4.51-37.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_session-debuginfo-2.4.51-37.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_ssl-2.4.51-37.el8jbcs.x86_64.rpm\njbcs-httpd24-mod_ssl-debuginfo-2.4.51-37.el8jbcs.x86_64.rpm\njbcs-httpd24-nghttp2-1.43.0-11.el8jbcs.x86_64.rpm\njbcs-httpd24-nghttp2-debuginfo-1.43.0-11.el8jbcs.x86_64.rpm\njbcs-httpd24-nghttp2-devel-1.43.0-11.el8jbcs.x86_64.rpm\njbcs-httpd24-openssl-1.1.1k-13.el8jbcs.x86_64.rpm\njbcs-httpd24-openssl-chil-1.0.0-17.el8jbcs.x86_64.rpm\njbcs-httpd24-openssl-chil-debuginfo-1.0.0-17.el8jbcs.x86_64.rpm\njbcs-httpd24-openssl-debuginfo-1.1.1k-13.el8jbcs.x86_64.rpm\njbcs-httpd24-openssl-devel-1.1.1k-13.el8jbcs.x86_64.rpm\njbcs-httpd24-openssl-libs-1.1.1k-13.el8jbcs.x86_64.rpm\njbcs-httpd24-openssl-libs-debuginfo-1.1.1k-13.el8jbcs.x86_64.rpm\njbcs-httpd24-openssl-perl-1.1.1k-13.el8jbcs.x86_64.rpm\njbcs-httpd24-openssl-pkcs11-0.4.10-32.el8jbcs.x86_64.rpm\njbcs-httpd24-openssl-pkcs11-debuginfo-0.4.10-32.el8jbcs.x86_64.rpm\njbcs-httpd24-openssl-static-1.1.1k-13.el8jbcs.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2022-1292\nhttps://access.redhat.com/security/cve/CVE-2022-2068\nhttps://access.redhat.com/security/cve/CVE-2022-22721\nhttps://access.redhat.com/security/cve/CVE-2022-23943\nhttps://access.redhat.com/security/cve/CVE-2022-26377\nhttps://access.redhat.com/security/cve/CVE-2022-28330\nhttps://access.redhat.com/security/cve/CVE-2022-28614\nhttps://access.redhat.com/security/cve/CVE-2022-28615\nhttps://access.redhat.com/security/cve/CVE-2022-30522\nhttps://access.redhat.com/security/cve/CVE-2022-31813\nhttps://access.redhat.com/security/cve/CVE-2022-32206\nhttps://access.redhat.com/security/cve/CVE-2022-32207\nhttps://access.redhat.com/security/cve/CVE-2022-32208\nhttps://access.redhat.com/security/cve/CVE-2022-32221\nhttps://access.redhat.com/security/cve/CVE-2022-35252\nhttps://access.redhat.com/security/cve/CVE-2022-42915\nhttps://access.redhat.com/security/cve/CVE-2022-42916\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBY5ISE9zjgjWX9erEAQixuA//dX5Q3wtu2MRvrjD/sK/r6dqBz4fWWhS9\nws2A8cRa5ki3RlCaYQ3pP7LkRtIdankAP3HG1NU4er/odsMEW5aEgku+5foV7w4M\nWEd0USLKs3Pw5a7/3TjOBUf5CA7oet03C7/u9idWaLD/ip4UMhskSnz33qFQSFZf\nFAWNdsRhH8+ql6qFMg9Odv5RFX3i2+wBy5pC69Akr2FBEt9j+/PbvSPWuPD26n6H\n0l+QUKrI3OW1EHzz+S/8aEfTFKLluXfhVJn61wdA8Kjs4ZKrnBz8czJjxn4hOi7a\nz0tpzg5d1BJEf/UB7EdyyLBGRIliWhf978qtG8QS37GEgnQSof2xgcfu1NGiHl9j\nypCqX1R4oOkeoISynnZUKWZ1uFp5GkMiRtPu0Bw7WYB6z/8OWZce4yIqh1rcG09d\nNcyleabDtpJ7C3BJQzpnhXAWjri7oJ6wHBvcbQ9sLj2xkQRX2Zpi0KJGIH8iLwdn\nIk+RIZ7u/mXeW3ulcwiQTPYbTQLWGXqgZV1qxJq91HIcu+y3STQwZjb4fZuqjH5M\nonO/rF2y50l9LqArg/v9KAJUbHSKMDP6r7Dx02J+iKjW3g7NczoImrU7JcyAgce9\nmCN7gMmU9bQx1tagIKcKKW5IVN/jHyWKJW/t0teoaECsa2LMgoEIt+6RcmQXWpdF\n6t6oQh+b3NY=UGfz\n-----END PGP SIGNATURE-----\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Summary:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.5.2 General\nAvailability release images, which fix security issues and bugs. Description:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.5.2 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in. \n\nThis advisory contains the container images for Red Hat Advanced Cluster\nManagement for Kubernetes, which fix several bugs. See the following\nRelease Notes documentation, which will be updated shortly for this\nrelease, for additional details about this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html/release_notes/\n\nSecurity fixes:\n\n* moment: inefficient parsing algorithim resulting in DoS (CVE-2022-31129)\n* vm2: Sandbox Escape in vm2 (CVE-2022-36067)\n\nBug fixes:\n\n* Submariner Globalnet e2e tests failed on MTU between On-Prem to Public\nclusters (BZ# 2074547)\n\n* OCP 4.11 - Install fails because of: pods\n\"management-ingress-63029-5cf6789dd6-\" is forbidden: unable to validate\nagainst any security context constrain (BZ# 2082254)\n\n* subctl gather fails to gather libreswan data if CableDriver field is\nmissing/empty in Submariner Spec (BZ# 2083659)\n\n* Yaml editor for creating vSphere cluster moves to next line after typing\n(BZ# 2086883)\n\n* Submariner addon status doesn\u0027t track all deployment failures (BZ#\n2090311)\n\n* Unable to deploy Hypershift operator on MCE hub using ManagedClusterAddOn\nwithout including s3 secret (BZ# 2091170)\n\n* After switching to ACM 2.5 the managed clusters log \"unable to create\nClusterClaim\" errors (BZ# 2095481)\n\n* Enforce failed and report the violation after modified memory value in\nlimitrange policy (BZ# 2100036)\n\n* Creating an application fails with \"This application has no subscription\nmatch selector (spec.selector.matchExpressions)\" (BZ# 2101577)\n\n* Inconsistent cluster resource statuses between \"All Subscription\"\ntopology and individual topologies (BZ# 2102273)\n\n* managed cluster is in \"unknown\" state for 120 mins after OADP restore\n\n* RHACM 2.5.2 images (BZ# 2104553)\n\n* Subscription UI does not allow binding to label with empty value (BZ#\n2104961)\n\n* Upgrade to 2.5.1 from 2.5.0 fails due to missing Subscription CRD (BZ#\n2106069)\n\n* Region information is not available for Azure cloud in managedcluster CR\n(BZ# 2107134)\n\n* cluster uninstall log points to incorrect container name (BZ# 2107359)\n\n* ACM shows wrong path for Argo CD applicationset git generator (BZ#\n2107885)\n\n* Single node checkbox not visible for 4.11 images (BZ# 2109134)\n\n* Unable to deploy hypershift cluster when enabling\nvalidate-cluster-security (BZ# 2109544)\n\n* Deletion of Application (including app related resources) from the\nconsole fails to delete PlacementRule for the application (BZ# 20110026)\n\n* After the creation by a policy of job or deployment (in case the object\nis missing)ACM is trying to add new containers instead of updating (BZ#\n2117728)\n\n* pods in CrashLoopBackoff on 3.11 managed cluster (BZ# 2122292)\n\n* ArgoCD and AppSet Applications do not deploy to local-cluster (BZ#\n2124707)\n\n3. Solution:\n\nFor Red Hat Advanced Cluster Management for Kubernetes, see the following\ndocumentation, which will be updated shortly for this release, for\nimportant\ninstructions about installing this release:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html-single/install/index#installing\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n2074547 - Submariner Globalnet e2e tests failed on MTU between On-Prem to Public clusters\n2082254 - OCP 4.11 - Install fails because of: pods \"management-ingress-63029-5cf6789dd6-\" is forbidden: unable to validate against any security context constraint\n2083659 - subctl gather fails to gather libreswan data if CableDriver field is missing/empty in Submariner Spec\n2086883 - Yaml editor for creating vSphere cluster moves to next line after typing\n2090311 - Submariner addon status doesn\u0027t track all deployment failures\n2091170 - Unable to deploy Hypershift operator on MCE hub using ManagedClusterAddOn without including s3 secret\n2095481 - After switching to ACM 2.5 the managed clusters log \"unable to create ClusterClaim\" errors\n2100036 - Enforce failed and report the violation after modified memory value in limitrange policy\n2101577 - Creating an application fails with \"This application has no subscription match selector (spec.selector.matchExpressions)\"\n2102273 - Inconsistent cluster resource statuses between \"All Subscription\" topology and individual topologies\n2103653 - managed cluster is in \"unknown\" state for 120 mins after OADP restore\n2104553 - RHACM 2.5.2 images\n2104961 - Subscription UI does not allow binding to label with empty value\n2105075 - CVE-2022-31129 moment: inefficient parsing algorithm resulting in DoS\n2106069 - Upgrade to 2.5.1 from 2.5.0 fails due to missing Subscription CRD\n2107134 - Region information is not available for Azure cloud in managedcluster CR\n2107359 - cluster uninstall log points to incorrect container name\n2107885 - ACM shows wrong path for Argo CD applicationset git generator\n2109134 - Single node checkbox not visible for 4.11 images\n2110026 - Deletion of Application (including app related resources) from the console fails to delete PlacementRule for the application\n2117728 - After the creation by a policy of job or deployment (in case the object is missing)ACM is trying to add new containers instead of updating\n2122292 - pods in CrashLoopBackoff on 3.11 managed cluster\n2124707 - ArgoCD and AppSet Applications do not deploy to local-cluster\n2124794 - CVE-2022-36067 vm2:  Sandbox Escape in vm2\n\n5",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-32206"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012769"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-32206"
      },
      {
        "db": "PACKETSTORM",
        "id": "168538"
      },
      {
        "db": "PACKETSTORM",
        "id": "169443"
      },
      {
        "db": "PACKETSTORM",
        "id": "168275"
      },
      {
        "db": "PACKETSTORM",
        "id": "168352"
      },
      {
        "db": "PACKETSTORM",
        "id": "169318"
      },
      {
        "db": "PACKETSTORM",
        "id": "170166"
      },
      {
        "db": "PACKETSTORM",
        "id": "168378"
      },
      {
        "db": "PACKETSTORM",
        "id": "168284"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-32206",
        "trust": 4.1
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2023/02/15/3",
        "trust": 2.4
      },
      {
        "db": "SIEMENS",
        "id": "SSA-333517",
        "trust": 2.4
      },
      {
        "db": "HACKERONE",
        "id": "1570651",
        "trust": 2.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-349-18",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-23-103-09",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU91561630",
        "trust": 0.8
      },
      {
        "db": "JVN",
        "id": "JVNVU94715153",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012769",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "169443",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "170166",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "168378",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "168284",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.3366",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.6333",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.3732",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.6290",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4468",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4757",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.3143",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.3238",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4324",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.5247",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4266",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4112",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.3117",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.5632",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2023.2163",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.5300",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4525",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2022.4568",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "168347",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "167607",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "168301",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "168174",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "168503",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022071152",
        "trust": 0.6
      },
      {
        "db": "CS-HELP",
        "id": "SB2022062927",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2565",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-32206",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "168538",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "168275",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "168352",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "169318",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-32206"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012769"
      },
      {
        "db": "PACKETSTORM",
        "id": "168538"
      },
      {
        "db": "PACKETSTORM",
        "id": "169443"
      },
      {
        "db": "PACKETSTORM",
        "id": "168275"
      },
      {
        "db": "PACKETSTORM",
        "id": "168352"
      },
      {
        "db": "PACKETSTORM",
        "id": "169318"
      },
      {
        "db": "PACKETSTORM",
        "id": "170166"
      },
      {
        "db": "PACKETSTORM",
        "id": "168378"
      },
      {
        "db": "PACKETSTORM",
        "id": "168284"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2565"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-32206"
      }
    ]
  },
  "id": "VAR-202206-1900",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.5566514
  },
  "last_update_date": "2024-11-29T21:39:59.178000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "curl Remediation of resource management error vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=198520"
      },
      {
        "title": "Ubuntu Security Notice: USN-5495-1: curl vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-5495-1"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-32206"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2565"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-770",
        "trust": 1.0
      },
      {
        "problemtype": "Allocation of resources without limits or throttling (CWE-770) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012769"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-32206"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://seclists.org/fulldisclosure/2022/oct/28"
      },
      {
        "trust": 2.4,
        "url": "http://seclists.org/fulldisclosure/2022/oct/41"
      },
      {
        "trust": 2.4,
        "url": "http://www.openwall.com/lists/oss-security/2023/02/15/3"
      },
      {
        "trust": 2.4,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
      },
      {
        "trust": 2.4,
        "url": "https://hackerone.com/reports/1570651"
      },
      {
        "trust": 2.4,
        "url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
      },
      {
        "trust": 2.4,
        "url": "https://security.gentoo.org/glsa/202212-01"
      },
      {
        "trust": 2.4,
        "url": "https://security.netapp.com/advisory/ntap-20220915-0003/"
      },
      {
        "trust": 2.4,
        "url": "https://support.apple.com/kb/ht213488"
      },
      {
        "trust": 2.4,
        "url": "https://www.debian.org/security/2022/dsa-5197"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32206"
      },
      {
        "trust": 1.4,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/bev6br4mti3cewk2yu2hqzuw5fas3fey/"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/bev6br4mti3cewk2yu2hqzuw5fas3fey/"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91561630/"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu94715153/"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-18"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-09"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/security/cve/cve-2022-32206"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/security/cve/cve-2022-32208"
      },
      {
        "trust": 0.7,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.7,
        "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/cve/cve-2022-1292"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/cve/cve-2022-2068"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/cve/cve-2022-29154"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.3143"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/curl-denial-of-service-via-http-compression-38671"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022062927"
      },
      {
        "trust": 0.6,
        "url": "https://support.apple.com/en-us/ht213488"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168347/red-hat-security-advisory-2022-6422-01.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.6290"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168301/red-hat-security-advisory-2022-6287-01.html"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168174/red-hat-security-advisory-2022-6157-01.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4112"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.5300"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/170166/red-hat-security-advisory-2022-8840-01.html"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168378/red-hat-security-advisory-2022-6507-01.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.5247"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.6333"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.3366"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168503/red-hat-security-advisory-2022-6560-01.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4757"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/167607/ubuntu-security-notice-usn-5495-1.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.2163"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2022071152"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.3732"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2023.3238"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/168284/red-hat-security-advisory-2022-6183-01.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4266"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-32206/"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.5632"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4468"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4324"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4525"
      },
      {
        "trust": 0.6,
        "url": "https://packetstormsecurity.com/files/169443/red-hat-security-advisory-2022-7058-01.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.3117"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2022.4568"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2022-2097"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2068"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1292"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2022-1586"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2022-1785"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2022-1897"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2022-1927"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2022-2526"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1897"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1927"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2097"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1586"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1785"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-29154"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32208"
      },
      {
        "trust": 0.3,
        "url": "https://issues.jboss.org/):"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2526"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2022-30631"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0391"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-20107"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2022-25314"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2022-32250"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2022-36067"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2015-20107"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2022-30629"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2022-25313"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2022-1012"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1012"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-40528"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2022-0391"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2022-29824"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2022-34903"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2022-31129"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2022-32148"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2022-1705"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32148"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1705"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-30631"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32207"
      },
      {
        "trust": 0.1,
        "url": "https://ubuntu.com/security/notices/usn-5495-1"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html-single/install/index#installing"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-28915"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-27782"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-1729"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2022:6696"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-21123"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.4/html/release_notes/"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-31150"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-27776"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-28915"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-21123"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-21166"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-21125"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-22576"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-40528"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1729"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-27666"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-27774"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-31151"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-24675"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-30632"
      },
      {
        "trust": 0.1,
        "url": "https://docs.openshift.com/container-platform/4.11/sandboxed_containers/sandboxed-containers-release-notes.html"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2022:7058"
      },
      {
        "trust": 0.1,
        "url": "https://docs.openshift.com/container-platform/latest/sandboxed_containers/upgrade-sandboxed-containers.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-24675"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2832"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-40674"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-30632"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-2832"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2022:6344"
      },
      {
        "trust": 0.1,
        "url": "https://docs.openshift.com/container-platform/4.11/release_notes/ocp-4-11-release-notes.html"
      },
      {
        "trust": 0.1,
        "url": "https://docs.openshift.com/container-platform/4.11/logging/cluster-logging-upgrading.html"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-36084"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-15586"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-36085"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-8559"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-20838"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-4189"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-20095"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-24407"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-1271"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-5827"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-0691"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-3634"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17595"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5827"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-3580"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-28500"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-24370"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-0686"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-13435"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25032"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-16845"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-19603"
      },
      {
        "trust": 0.1,
        "url": "https://docs.openshift.com/container-platform/latest/migration_toolkit_for_containers/installing-mtc.html"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-23337"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13750"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-23177"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-17594"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-3737"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-14155"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13751"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-19603"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-42771"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20838"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-0639"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-13750"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-36087"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2022:6429"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-20231"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-13751"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-20232"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-25219"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-31566"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17594"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-17595"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-18218"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-36086"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-18218"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-16845"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-24370"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-0512"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-15586"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-14155"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-28493"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2018-25032"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-1650"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-13435"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27782"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32205"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27775"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22898"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22947"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22924"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27774"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27781"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22946"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-27776"
      },
      {
        "trust": 0.1,
        "url": "https://security-tracker.debian.org/tracker/curl"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22576"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-22945"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-28614"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-23943"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-32207"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22721"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26377"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-30522"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-31813"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-42915"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-28615"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-42916"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-22721"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-35252"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-31813"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-28614"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-28330"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-28615"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-28330"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-26377"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32221"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2022:8840"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-23943"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-30522"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-32221"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html-single/install/index#installing"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2022:6507"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-31129"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-32250"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html/release_notes/"
      },
      {
        "trust": 0.1,
        "url": "https://docs.openshift.com/container-platform/4.10/logging/cluster-logging-release-notes.html"
      },
      {
        "trust": 0.1,
        "url": "https://docs.openshift.com/container-platform/4.10/logging/cluster-logging-upgrading.html"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2022:6183"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2022-32206"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012769"
      },
      {
        "db": "PACKETSTORM",
        "id": "168538"
      },
      {
        "db": "PACKETSTORM",
        "id": "169443"
      },
      {
        "db": "PACKETSTORM",
        "id": "168275"
      },
      {
        "db": "PACKETSTORM",
        "id": "168352"
      },
      {
        "db": "PACKETSTORM",
        "id": "169318"
      },
      {
        "db": "PACKETSTORM",
        "id": "170166"
      },
      {
        "db": "PACKETSTORM",
        "id": "168378"
      },
      {
        "db": "PACKETSTORM",
        "id": "168284"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2565"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-32206"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2022-32206"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012769"
      },
      {
        "db": "PACKETSTORM",
        "id": "168538"
      },
      {
        "db": "PACKETSTORM",
        "id": "169443"
      },
      {
        "db": "PACKETSTORM",
        "id": "168275"
      },
      {
        "db": "PACKETSTORM",
        "id": "168352"
      },
      {
        "db": "PACKETSTORM",
        "id": "169318"
      },
      {
        "db": "PACKETSTORM",
        "id": "170166"
      },
      {
        "db": "PACKETSTORM",
        "id": "168378"
      },
      {
        "db": "PACKETSTORM",
        "id": "168284"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2565"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-32206"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-09-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-012769"
      },
      {
        "date": "2022-09-27T16:01:00",
        "db": "PACKETSTORM",
        "id": "168538"
      },
      {
        "date": "2022-10-20T14:21:57",
        "db": "PACKETSTORM",
        "id": "169443"
      },
      {
        "date": "2022-09-07T16:50:50",
        "db": "PACKETSTORM",
        "id": "168275"
      },
      {
        "date": "2022-09-13T15:42:14",
        "db": "PACKETSTORM",
        "id": "168352"
      },
      {
        "date": "2022-08-28T19:12:00",
        "db": "PACKETSTORM",
        "id": "169318"
      },
      {
        "date": "2022-12-08T21:28:44",
        "db": "PACKETSTORM",
        "id": "170166"
      },
      {
        "date": "2022-09-14T15:08:07",
        "db": "PACKETSTORM",
        "id": "168378"
      },
      {
        "date": "2022-09-07T16:57:47",
        "db": "PACKETSTORM",
        "id": "168284"
      },
      {
        "date": "2022-06-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202206-2565"
      },
      {
        "date": "2022-07-07T13:15:08.340000",
        "db": "NVD",
        "id": "CVE-2022-32206"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-09-01T08:15:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-012769"
      },
      {
        "date": "2023-06-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202206-2565"
      },
      {
        "date": "2024-03-27T15:00:54.267000",
        "db": "NVD",
        "id": "CVE-2022-32206"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "169318"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2565"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Haxx\u00a0 of \u00a0cURL\u00a0 Vulnerabilities related to unrestricted or throttled resource allocation in products from multiple other vendors",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-012769"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202206-2565"
      }
    ],
    "trust": 0.6
  }
}

var-202203-1690
Vulnerability from variot

zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512


Debian Security Advisory DSA-5111-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 01, 2022 https://www.debian.org/security/faq


Package : zlib CVE ID : CVE-2018-25032 Debian Bug : 1008265

Danilo Ramos discovered that incorrect memory handling in zlib's deflate handling could result in denial of service or potentially the execution of arbitrary code if specially crafted input is processed.

For the oldstable distribution (buster), this problem has been fixed in version 1:1.2.11.dfsg-1+deb10u1.

For the stable distribution (bullseye), this problem has been fixed in version 1:1.2.11.dfsg-2+deb11u1.

We recommend that you upgrade your zlib packages. Bugs fixed (https://bugzilla.redhat.com/):

2117872 - CVE-2022-1798 kubeVirt: Arbitrary file read on the host from KubeVirt VMs

  1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis: Important: Red Hat Virtualization security, bug fix, and enhancement update [ovirt-4.5.0] Advisory ID: RHSA-2022:4896-01 Product: Red Hat Virtualization Advisory URL: https://access.redhat.com/errata/RHSA-2022:4896 Issue date: 2022-06-03 CVE Names: CVE-2018-25032 CVE-2021-4028 CVE-2021-4083 CVE-2022-0778 CVE-2022-1271 CVE-2022-24903 CVE-2022-25636 ==================================================================== 1. Summary:

An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

  1. Relevant releases/architectures:

RHEL 8-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64 Red Hat Virtualization 4 Hypervisor for RHEL 8 - x86_64

  1. Description:

The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.

Security Fix(es):

  • kernel: use-after-free in RDMA listen() (CVE-2021-4028)

  • kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)

  • kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636)

  • openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778)

  • zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)

  • gzip: arbitrary-file-write vulnerability (CVE-2022-1271)

  • rsyslog: Heap-based overflow in TCP syslog server (CVE-2022-24903)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fixes:

  • elfutils package has been update within RHV-H Channel to match the same version released in RHEL (BZ#2038081)

  • Rebase package(s) to version 1.2.24 For highlights, important fixes, or notable enhancements: see bugs in "Depend On". (BZ#2057338)

  • Rebase package(s) to version: 4.5.0

Highlights, important fixes, or notable enhancements: (BZ#2057342)

  • Rebase package(s) to version anaconda-33.16.6.6-1.el8 For highlights and important bug fixes: include UI change for blocking installation if root password is not set. (BZ#1899821)

  • Red hat Virtualization Host has been rebased on Red Hat Enterprise Linux 8.6 (BZ#1997074)

  • Previously, concurrent executions of LV refresh (lvchange) failed. This hindered simultaneous starts of virtual machines that have thin-provisioned disks based on the same disk on a block storage domain. In this release, concurrent execution of LV refresh has been fixed in LVM2. (BZ#2020497)

  • Red Hat Virtualization Host has been rebased on latest Ceph 4.3 (BZ#2090138)

  • In previous releases systemtap package could have been installed on top of RHV-H from RHV-H channel. With 4.4 SP1 systemtap package installation is not supported anymore (BZ#2052963)

  • Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/2974891

  1. Bugs fixed (https://bugzilla.redhat.com/):

1899821 - RHVH 4.4.3 anaconda UI proceeds to begin installation without root password provided 1997074 - Rebase RHV-H on RHEL 8.6 2020497 - Need to include lvm2-2.03.14-1.el8 2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen() 2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it 2038081 - Upgrade elfutils to elfutils-0.186-1.el8 2052963 - [DOC] systemtap support dropped in RHV-H 4.4 SP1 2056334 - [RHVH-4.5.0] On UEFI machines, RHVH enters emergency mode when upgraded to 4.5.0 2056745 - sssd-ad can't be installed due to missing deps libsss_idmap 2056830 - CVE-2022-25636 kernel: heap out of bounds write in nf_dup_netdev.c 2057338 - Upgrade imgbased to 1.2.24 2057342 - Upgrade redhat-release-virtualization-host to 4.5.0 2062202 - CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates 2067945 - CVE-2018-25032 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs 2073310 - CVE-2022-1271 gzip: arbitrary-file-write vulnerability 2081353 - CVE-2022-24903 rsyslog: Heap-based overflow in TCP syslog server 2086834 - Cannot install sssd daemon needed for AD Authentication 2090138 - Rebase RHV-H on Ceph 4.3

  1. Package List:

Red Hat Virtualization 4 Hypervisor for RHEL 8:

Source: elfutils-0.186-1.el8.src.rpm redhat-virtualization-host-4.5.0-202205291010_8.6.src.rpm

x86_64: elfutils-debuginfo-0.186-1.el8.x86_64.rpm elfutils-debuginfod-client-0.186-1.el8.x86_64.rpm elfutils-debuginfod-client-debuginfo-0.186-1.el8.x86_64.rpm elfutils-debuginfod-debuginfo-0.186-1.el8.x86_64.rpm elfutils-debugsource-0.186-1.el8.x86_64.rpm elfutils-devel-0.186-1.el8.x86_64.rpm elfutils-libelf-debuginfo-0.186-1.el8.x86_64.rpm elfutils-libs-debuginfo-0.186-1.el8.x86_64.rpm redhat-virtualization-host-image-update-4.5.0-202205291010_8.6.x86_64.rpm

RHEL 8-based RHEV-H for RHEV 4 (build requirements):

Source: imgbased-1.2.24-1.el8ev.src.rpm ovirt-node-ng-4.4.2-1.el8ev.src.rpm redhat-release-virtualization-host-4.5.0-5.el8ev.src.rpm redhat-virtualization-host-productimg-4.5.0-2.el8.src.rpm

noarch: imgbased-1.2.24-1.el8ev.noarch.rpm ovirt-node-ng-nodectl-4.4.2-1.el8ev.noarch.rpm python3-imgbased-1.2.24-1.el8ev.noarch.rpm python3-ovirt-node-ng-nodectl-4.4.2-1.el8ev.noarch.rpm redhat-virtualization-host-image-update-placeholder-4.5.0-5.el8ev.noarch.rpm

x86_64: redhat-release-virtualization-host-4.5.0-5.el8ev.x86_64.rpm redhat-release-virtualization-host-content-4.5.0-5.el8ev.x86_64.rpm redhat-virtualization-host-productimg-4.5.0-2.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2018-25032 https://access.redhat.com/security/cve/CVE-2021-4028 https://access.redhat.com/security/cve/CVE-2021-4083 https://access.redhat.com/security/cve/CVE-2022-0778 https://access.redhat.com/security/cve/CVE-2022-1271 https://access.redhat.com/security/cve/CVE-2022-24903 https://access.redhat.com/security/cve/CVE-2022-25636 https://access.redhat.com/security/updates/classification/#important

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc. Summary:

An update is now available for Service Telemetry Framework 1.4 for RHEL 8. Description:

Service Telemetry Framework (STF) provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform (OCP) deployment for storage, retrieval, and monitoring. Solution:

The Service Telemetry Framework container image provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References). Dockerfiles and scripts should be amended either to refer to this new image specifically, or to the latest image generally. Bugs fixed (https://bugzilla.redhat.com/):

2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read

  1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina

Security Update 2022-004 Catalina addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213255.

apache Available for: macOS Catalina Impact: Multiple issues in apache Description: Multiple issues were addressed by updating apache to version 2.4.53. CVE-2021-44224 CVE-2021-44790 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721

AppKit Available for: macOS Catalina Impact: A malicious application may be able to gain root privileges Description: A logic issue was addressed with improved validation. CVE-2022-22665: Lockheed Martin Red Team

AppleGraphicsControl Available for: macOS Catalina Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2022-26751: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative

AppleScript Available for: macOS Catalina Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2022-26697: Qi Sun and Robert Ai of Trend Micro

AppleScript Available for: macOS Catalina Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2022-26698: Qi Sun of Trend Micro

CoreTypes Available for: macOS Catalina Impact: A malicious application may bypass Gatekeeper checks Description: This issue was addressed with improved checks to prevent unauthorized actions. CVE-2022-22663: Arsenii Kostromin (0x3c3e)

CVMS Available for: macOS Catalina Impact: A malicious application may be able to gain root privileges Description: A memory initialization issue was addressed. CVE-2022-26721: Yonghwi Jin (@jinmo123) of Theori CVE-2022-26722: Yonghwi Jin (@jinmo123) of Theori

DriverKit Available for: macOS Catalina Impact: A malicious application may be able to execute arbitrary code with system privileges Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de)

Graphics Drivers Available for: macOS Catalina Impact: A local user may be able to read kernel memory Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. CVE-2022-22674: an anonymous researcher

Intel Graphics Driver Available for: macOS Catalina Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-26720: Liu Long of Ant Security Light-Year Lab

Intel Graphics Driver Available for: macOS Catalina Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2022-26770: Liu Long of Ant Security Light-Year Lab

Intel Graphics Driver Available for: macOS Catalina Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-26756: Jack Dates of RET2 Systems, Inc

Intel Graphics Driver Available for: macOS Catalina Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2022-26769: Antonio Zekic (@antoniozekic)

Intel Graphics Driver Available for: macOS Catalina Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-26748: Jeonghoon Shin of Theori working with Trend Micro Zero Day Initiative

Kernel Available for: macOS Catalina Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-26714: Peter Nguyễn Vũ Hoàng (@peternguyen14) of STAR Labs (@starlabs_sg)

Kernel Available for: macOS Catalina Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-26757: Ned Williamson of Google Project Zero

libresolv Available for: macOS Catalina Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution Description: An integer overflow was addressed with improved input validation. CVE-2022-26775: Max Shavrick (@_mxms) of the Google Security Team

LibreSSL Available for: macOS Catalina Impact: Processing a maliciously crafted certificate may lead to a denial of service Description: A denial of service issue was addressed with improved input validation. CVE-2022-0778

libxml2 Available for: macOS Catalina Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2022-23308

OpenSSL Available for: macOS Catalina Impact: Processing a maliciously crafted certificate may lead to a denial of service Description: This issue was addressed with improved checks. CVE-2022-0778

PackageKit Available for: macOS Catalina Impact: A malicious application may be able to modify protected parts of the file system Description: This issue was addressed with improved entitlements. CVE-2022-26727: Mickey Jin (@patch1t)

Printing Available for: macOS Catalina Impact: A malicious application may be able to bypass Privacy preferences Description: This issue was addressed by removing the vulnerable code. CVE-2022-26746: @gorelics

Security Available for: macOS Catalina Impact: A malicious app may be able to bypass signature validation Description: A certificate parsing issue was addressed with improved checks. CVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de)

SMB Available for: macOS Catalina Impact: An application may be able to gain elevated privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-26715: Peter Nguyễn Vũ Hoàng of STAR Labs

SoftwareUpdate Available for: macOS Catalina Impact: A malicious application may be able to access restricted files Description: This issue was addressed with improved entitlements. CVE-2022-26728: Mickey Jin (@patch1t)

TCC Available for: macOS Catalina Impact: An app may be able to capture a user's screen Description: This issue was addressed with improved checks. CVE-2022-26726: an anonymous researcher

Tcl Available for: macOS Catalina Impact: A malicious application may be able to break out of its sandbox Description: This issue was addressed with improved environment sanitization. CVE-2022-26755: Arsenii Kostromin (0x3c3e)

WebKit Available for: macOS Catalina Impact: Processing a maliciously crafted mail message may lead to running arbitrary javascript Description: A validation issue was addressed with improved input sanitization. CVE-2022-22589: Heige of KnownSec 404 Team (knownsec.com) and Bo Qu of Palo Alto Networks (paloaltonetworks.com)

Wi-Fi Available for: macOS Catalina Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2022-26761: Wang Yu of Cyberserval

zip Available for: macOS Catalina Impact: Processing a maliciously crafted file may lead to a denial of service Description: A denial of service issue was addressed with improved state handling. CVE-2022-0530

zlib Available for: macOS Catalina Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2018-25032: Tavis Ormandy

zsh Available for: macOS Catalina Impact: A remote attacker may be able to cause arbitrary code execution Description: This issue was addressed by updating to zsh version 5.8.1. CVE-2021-45444

Additional recognition

PackageKit We would like to acknowledge Mickey Jin (@patch1t) of Trend Micro for their assistance.

Security Update 2022-004 Catalina may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmKC1TYACgkQeC9qKD1p rhjgGRAAggg84uE4zYtBHmo5Qz45wlY/+FT7bSyCyo2Ta0m3JQmm26UiS9ZzXlD0 58jCo/ti+gH/gqwU05SnaG88pSMT6VKaDDnmw8WcrPtbl6NN6JX8vaZLFLoGO0dB rjwap7ulcLe7/HM8kCz3qqjKj4fusxckCjmm5yBMtuMklq7i51vzkT/+ws00ALcH 4S821CqIJlS2RIho/M/pih5A/H1Onw/nzKc7VOWjWMmmwoV+oiL4gMPE9kyIAJFQ NcZO7s70Qp9N5Z0VGIkD5HkAntEqYGNKJuCQUrHS0fHFUxVrQcuBbbSiv7vwnOT0 NVcFKBQWJtfcqmtcDF8mVi2ocqUh7So6AXhZGZtL3CrVfNMgTcjq6y5XwzXMgwlm ezMX73MnV91QuGp6KVZEmoFNlJ2dhKcJ0fYAhhW9DJqvJ1u5xIkQrUkK/ERLnWpE 9DIapT8uUbb9Zgez/tS9szv5jHhKtOoPbprju7d7LHw7XMFCVKbUvx745dFZx0AG PLsJZQNsQZJIK8QdcLA50KrlyjR2ts4nUsKj07I6LR4wUmcaj+goXYq4Nh4WLnoF x1AXD5ztdYlhqMcTAnuAbUYfuki0uzSy0p7wBiTknFwKMZNIaiToo64BES+7Iu1i vrB9SdtTSQCMXgPZX1Al1e2F/K2ubovrGU9geAEwLMq3AKudI4g= =JBHs -----END PGP SIGNATURE-----

. Description:

Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.

Security Fix(es):

  • argocd: vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or the UI. Bugs fixed (https://bugzilla.redhat.com/):

2096278 - CVE-2022-31035 argocd: cross-site scripting (XSS) allow a malicious user to inject a javascript link in the UI 2096282 - CVE-2022-31034 argocd: vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or the UI. 2096283 - CVE-2022-31016 argocd: vulnerable to an uncontrolled memory consumption bug 2096291 - CVE-2022-31036 argocd: vulnerable to a symlink following bug allowing a malicious user with repository write access

  1. Description:

Release of RHACS 3.69.2

Security Fix(es):

  • stackrox: Improper sanitization allows users to retrieve Notifier secrets from GraphQL API in plaintext (CVE-2022-1902)

  • Solution:

If you are using the RHACS 3.69.1, you are advised to upgrade to patch release 3.69.2. Bugs fixed (https://bugzilla.redhat.com/):

2090957 - CVE-2022-1902 stackrox: Improper sanitization allows users to retrieve Notifier secrets from GraphQL API in plaintext

  1. Summary:

OpenShift Serverless version 1.22.1 contains a moderate security impact.

This release includes security and bug fixes, and enhancements. Bugs fixed (https://bugzilla.redhat.com/):

2053429 - CVE-2022-23806 golang: crypto/elliptic IsOnCurve returns true for invalid field elements 2053532 - CVE-2022-23772 golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString 2053541 - CVE-2022-23773 golang: cmd/go: misinterpretation of branch names can lead to incorrect access control

  1. JIRA issues fixed (https://issues.jboss.org/):

SRVKE-1217 - New KafkaSource implementation does not default to PLAIN for SASL

  1. 6 ELS) - i386, s390x, x86_64

  2. Description:

The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Bugs fixed (https://bugzilla.redhat.com/):

2067945 - CVE-2018-25032 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs

  1. ========================================================================== Ubuntu Security Notice USN-6736-1 April 16, 2024

klibc vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 23.10
  • Ubuntu 22.04 LTS
  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS (Available with Ubuntu Pro)
  • Ubuntu 16.04 LTS (Available with Ubuntu Pro)
  • Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in klibc.

Software Description: - klibc: small utilities built with klibc for early boot

Details:

It was discovered that zlib, vendored in klibc, incorrectly handled pointer arithmetic. (CVE-2016-9840, CVE-2016-9841)

Danilo Ramos discovered that zlib, vendored in klibc, incorrectly handled memory when performing certain deflating operations. (CVE-2018-25032)

Evgeny Legerov discovered that zlib, vendored in klibc, incorrectly handled memory when performing certain inflate operations. (CVE-2022-37434)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.10: klibc-utils 2.0.13-1ubuntu0.1 libklibc 2.0.13-1ubuntu0.1

Ubuntu 22.04 LTS: klibc-utils 2.0.10-4ubuntu0.1 libklibc 2.0.10-4ubuntu0.1

Ubuntu 20.04 LTS: klibc-utils 2.0.7-1ubuntu5.2 libklibc 2.0.7-1ubuntu5.2

Ubuntu 18.04 LTS (Available with Ubuntu Pro): klibc-utils 2.0.4-9ubuntu2.2+esm1 libklibc 2.0.4-9ubuntu2.2+esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro): klibc-utils 2.0.4-8ubuntu1.16.04.4+esm2 libklibc 2.0.4-8ubuntu1.16.04.4+esm2

Ubuntu 14.04 LTS (Available with Ubuntu Pro): klibc-utils 2.0.3-0ubuntu1.14.04.3+esm3 libklibc 2.0.3-0ubuntu1.14.04.3+esm3

In general, a standard system update will make all the necessary changes

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202203-1690",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "macos",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "12.4"
      },
      {
        "model": "ontap select deploy administration utility",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "scalance sc626-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "mariadb",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "mariadb",
        "version": "10.5.0"
      },
      {
        "model": "scalance sc636-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "zulu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "azul",
        "version": "7.52"
      },
      {
        "model": "python",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "python",
        "version": "3.8.0"
      },
      {
        "model": "zulu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "azul",
        "version": "17.32"
      },
      {
        "model": "zulu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "azul",
        "version": "15.38"
      },
      {
        "model": "h500s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "python",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "python",
        "version": "3.10.5"
      },
      {
        "model": "management services for element software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "mariadb",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "mariadb",
        "version": "10.4.26"
      },
      {
        "model": "scalance sc642-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "zulu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "azul",
        "version": "13.46"
      },
      {
        "model": "e-series santricity os controller",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "netapp",
        "version": "11.70.2"
      },
      {
        "model": "oncommand workflow automation",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "scalance sc632-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "python",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "python",
        "version": "3.9.0"
      },
      {
        "model": "python",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "python",
        "version": "3.7.0"
      },
      {
        "model": "e-series santricity os controller",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "netapp",
        "version": "11.0.0"
      },
      {
        "model": "zulu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "azul",
        "version": "6.45"
      },
      {
        "model": "mariadb",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "mariadb",
        "version": "10.9.2"
      },
      {
        "model": "active iq unified manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "mariadb",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "mariadb",
        "version": "10.4.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "10.0"
      },
      {
        "model": "gotoassist",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "goto",
        "version": "11.9.18"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "35"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "11.0"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "36"
      },
      {
        "model": "python",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "python",
        "version": "3.9.13"
      },
      {
        "model": "zulu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "azul",
        "version": "8.60"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "34"
      },
      {
        "model": "mariadb",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "mariadb",
        "version": "10.7.5"
      },
      {
        "model": "h410c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "mariadb",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "mariadb",
        "version": "10.8.4"
      },
      {
        "model": "scalance sc622-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "h300s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "scalance sc646-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.0"
      },
      {
        "model": "h410s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "mariadb",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "mariadb",
        "version": "10.9.0"
      },
      {
        "model": "python",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "python",
        "version": "3.8.14"
      },
      {
        "model": "mac os x",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.15"
      },
      {
        "model": "h700s",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "macos",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "11.6.6"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.15.7"
      },
      {
        "model": "mariadb",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "mariadb",
        "version": "10.3.0"
      },
      {
        "model": "macos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "11.0"
      },
      {
        "model": "mariadb",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "mariadb",
        "version": "10.5.17"
      },
      {
        "model": "mariadb",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "mariadb",
        "version": "10.7.0"
      },
      {
        "model": "python",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "python",
        "version": "3.7.14"
      },
      {
        "model": "python",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "python",
        "version": "3.10.0"
      },
      {
        "model": "zlib",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "zlib",
        "version": "1.2.12"
      },
      {
        "model": "zulu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "azul",
        "version": "11.54"
      },
      {
        "model": "mariadb",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "mariadb",
        "version": "10.6.9"
      },
      {
        "model": "mariadb",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "mariadb",
        "version": "10.8.0"
      },
      {
        "model": "mariadb",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "mariadb",
        "version": "10.6.0"
      },
      {
        "model": "hci compute node",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "netapp",
        "version": null
      },
      {
        "model": "macos",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "apple",
        "version": "12.0.0"
      },
      {
        "model": "mac os x",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.15.7"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "9.0"
      },
      {
        "model": "mariadb",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "mariadb",
        "version": "10.3.36"
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-25032"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Red Hat",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "168696"
      },
      {
        "db": "PACKETSTORM",
        "id": "167400"
      },
      {
        "db": "PACKETSTORM",
        "id": "168011"
      },
      {
        "db": "PACKETSTORM",
        "id": "167594"
      },
      {
        "db": "PACKETSTORM",
        "id": "167591"
      },
      {
        "db": "PACKETSTORM",
        "id": "167346"
      },
      {
        "db": "PACKETSTORM",
        "id": "167134"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2018-25032",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-25032",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.0,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-418557",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-25032",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-25032",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-418557",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-418557"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-25032"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-5111-1                   security@debian.org\nhttps://www.debian.org/security/                     Salvatore Bonaccorso\nApril 01, 2022                        https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage        : zlib\nCVE ID         : CVE-2018-25032\nDebian Bug     : 1008265\n\nDanilo Ramos discovered that incorrect memory handling in zlib\u0027s deflate\nhandling could result in denial of service or potentially the execution\nof arbitrary code if specially crafted input is processed. \n\nFor the oldstable distribution (buster), this problem has been fixed\nin version 1:1.2.11.dfsg-1+deb10u1. \n\nFor the stable distribution (bullseye), this problem has been fixed in\nversion 1:1.2.11.dfsg-2+deb11u1. \n\nWe recommend that you upgrade your zlib packages. Bugs fixed (https://bugzilla.redhat.com/):\n\n2117872 - CVE-2022-1798 kubeVirt: Arbitrary file read on the host from KubeVirt VMs\n\n5. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n====================================================================                   \nRed Hat Security Advisory\n\nSynopsis:          Important: Red Hat Virtualization security, bug fix, and enhancement update [ovirt-4.5.0]\nAdvisory ID:       RHSA-2022:4896-01\nProduct:           Red Hat Virtualization\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2022:4896\nIssue date:        2022-06-03\nCVE Names:         CVE-2018-25032 CVE-2021-4028 CVE-2021-4083\n                   CVE-2022-0778 CVE-2022-1271 CVE-2022-24903\n                   CVE-2022-25636\n====================================================================\n1. Summary:\n\nAn update for imgbased, redhat-release-virtualization-host, and\nredhat-virtualization-host is now available for Red Hat Virtualization 4\nfor Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRHEL 8-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64\nRed Hat Virtualization 4 Hypervisor for RHEL 8 - x86_64\n\n3. Description:\n\nThe redhat-virtualization-host packages provide the Red Hat Virtualization\nHost. These packages include redhat-release-virtualization-host,\novirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are\ninstalled using a special build of Red Hat Enterprise Linux with only the\npackages required to host virtual machines. RHVH features a Cockpit user\ninterface for monitoring the host\u0027s resources and performing administrative\ntasks. \n\nSecurity Fix(es):\n\n* kernel: use-after-free in RDMA listen() (CVE-2021-4028)\n\n* kernel: fget: check that the fd still exists after getting a ref to it\n(CVE-2021-4083)\n\n* kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636)\n\n* openssl: Infinite loop in BN_mod_sqrt() reachable when parsing\ncertificates (CVE-2022-0778)\n\n* zlib: A flaw found in zlib when compressing (not decompressing) certain\ninputs (CVE-2018-25032)\n\n* gzip: arbitrary-file-write vulnerability (CVE-2022-1271)\n\n* rsyslog: Heap-based overflow in TCP syslog server (CVE-2022-24903)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fixes:\n\n* elfutils package has been update within RHV-H Channel to match the same\nversion released in RHEL (BZ#2038081)\n\n* Rebase package(s) to version 1.2.24\nFor highlights, important fixes, or notable enhancements: see bugs in\n\"Depend On\". (BZ#2057338)\n\n* Rebase package(s) to version: 4.5.0\n\nHighlights, important fixes, or notable enhancements: (BZ#2057342)\n\n* Rebase package(s) to version anaconda-33.16.6.6-1.el8\nFor highlights and important bug fixes: include UI change for blocking\ninstallation if root password is not set. (BZ#1899821)\n\n* Red hat Virtualization Host has been rebased on Red Hat Enterprise Linux\n8.6 (BZ#1997074)\n\n* Previously, concurrent executions of LV refresh (lvchange) failed. This\nhindered simultaneous starts of virtual machines that have thin-provisioned\ndisks based on the same disk on a block storage domain. \nIn this release, concurrent execution of LV refresh has been fixed in LVM2. \n(BZ#2020497)\n\n* Red Hat Virtualization Host has been rebased on latest Ceph 4.3\n(BZ#2090138)\n\n* In previous releases systemtap package could have been installed on top\nof RHV-H from RHV-H channel. With 4.4 SP1 systemtap package installation is\nnot supported anymore (BZ#2052963)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1899821 - RHVH 4.4.3 anaconda UI proceeds to begin installation without root password provided\n1997074 - Rebase RHV-H on RHEL 8.6\n2020497 - Need to include lvm2-2.03.14-1.el8\n2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen()\n2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it\n2038081 - Upgrade elfutils to elfutils-0.186-1.el8\n2052963 - [DOC] systemtap support dropped in RHV-H 4.4 SP1\n2056334 - [RHVH-4.5.0] On UEFI machines, RHVH enters emergency mode when upgraded to 4.5.0\n2056745 - sssd-ad can\u0027t be installed due to missing deps libsss_idmap\n2056830 - CVE-2022-25636 kernel: heap out of bounds write in nf_dup_netdev.c\n2057338 - Upgrade imgbased to 1.2.24\n2057342 - Upgrade redhat-release-virtualization-host to 4.5.0\n2062202 - CVE-2022-0778 openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates\n2067945 - CVE-2018-25032 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs\n2073310 - CVE-2022-1271 gzip: arbitrary-file-write vulnerability\n2081353 - CVE-2022-24903 rsyslog: Heap-based overflow in TCP syslog server\n2086834 - Cannot install sssd daemon needed for AD Authentication\n2090138 - Rebase RHV-H on Ceph 4.3\n\n6. Package List:\n\nRed Hat Virtualization 4 Hypervisor for RHEL 8:\n\nSource:\nelfutils-0.186-1.el8.src.rpm\nredhat-virtualization-host-4.5.0-202205291010_8.6.src.rpm\n\nx86_64:\nelfutils-debuginfo-0.186-1.el8.x86_64.rpm\nelfutils-debuginfod-client-0.186-1.el8.x86_64.rpm\nelfutils-debuginfod-client-debuginfo-0.186-1.el8.x86_64.rpm\nelfutils-debuginfod-debuginfo-0.186-1.el8.x86_64.rpm\nelfutils-debugsource-0.186-1.el8.x86_64.rpm\nelfutils-devel-0.186-1.el8.x86_64.rpm\nelfutils-libelf-debuginfo-0.186-1.el8.x86_64.rpm\nelfutils-libs-debuginfo-0.186-1.el8.x86_64.rpm\nredhat-virtualization-host-image-update-4.5.0-202205291010_8.6.x86_64.rpm\n\nRHEL 8-based RHEV-H for RHEV 4 (build requirements):\n\nSource:\nimgbased-1.2.24-1.el8ev.src.rpm\novirt-node-ng-4.4.2-1.el8ev.src.rpm\nredhat-release-virtualization-host-4.5.0-5.el8ev.src.rpm\nredhat-virtualization-host-productimg-4.5.0-2.el8.src.rpm\n\nnoarch:\nimgbased-1.2.24-1.el8ev.noarch.rpm\novirt-node-ng-nodectl-4.4.2-1.el8ev.noarch.rpm\npython3-imgbased-1.2.24-1.el8ev.noarch.rpm\npython3-ovirt-node-ng-nodectl-4.4.2-1.el8ev.noarch.rpm\nredhat-virtualization-host-image-update-placeholder-4.5.0-5.el8ev.noarch.rpm\n\nx86_64:\nredhat-release-virtualization-host-4.5.0-5.el8ev.x86_64.rpm\nredhat-release-virtualization-host-content-4.5.0-5.el8ev.x86_64.rpm\nredhat-virtualization-host-productimg-4.5.0-2.el8.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-25032\nhttps://access.redhat.com/security/cve/CVE-2021-4028\nhttps://access.redhat.com/security/cve/CVE-2021-4083\nhttps://access.redhat.com/security/cve/CVE-2022-0778\nhttps://access.redhat.com/security/cve/CVE-2022-1271\nhttps://access.redhat.com/security/cve/CVE-2022-24903\nhttps://access.redhat.com/security/cve/CVE-2022-25636\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2022 Red Hat, Inc. Summary:\n\nAn update is now available for Service Telemetry Framework 1.4 for RHEL 8. Description:\n\nService Telemetry Framework (STF) provides automated collection of\nmeasurements and data from remote clients, such as Red Hat OpenStack\nPlatform or third-party nodes. STF then transmits the information to a\ncentralized, receiving Red Hat OpenShift Container Platform (OCP)\ndeployment for storage, retrieval, and monitoring. Solution:\n\nThe Service Telemetry Framework container image provided by this update can\nbe downloaded from the Red Hat Container Registry at\nregistry.access.redhat.com. Installation instructions for your platform are\navailable at Red Hat Container Catalog (see References). \nDockerfiles and scripts should be amended either to refer to this new image\nspecifically, or to the latest image generally. Bugs fixed (https://bugzilla.redhat.com/):\n\n2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read\n\n5. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina\n\nSecurity Update 2022-004 Catalina addresses the following issues. \nInformation about the security content is also available at\nhttps://support.apple.com/HT213255. \n\napache\nAvailable for: macOS Catalina\nImpact: Multiple issues in apache\nDescription: Multiple issues were addressed by updating apache to\nversion 2.4.53. \nCVE-2021-44224\nCVE-2021-44790\nCVE-2022-22719\nCVE-2022-22720\nCVE-2022-22721\n\nAppKit\nAvailable for: macOS Catalina\nImpact: A malicious application may be able to gain root privileges\nDescription: A logic issue was addressed with improved validation. \nCVE-2022-22665: Lockheed Martin Red Team\n\nAppleGraphicsControl\nAvailable for: macOS Catalina\nImpact: Processing a maliciously crafted image may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2022-26751: Michael DePlante (@izobashi) of Trend Micro Zero Day\nInitiative\n\nAppleScript\nAvailable for: macOS Catalina\nImpact: Processing a maliciously crafted AppleScript binary may\nresult in unexpected application termination or disclosure of process\nmemory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2022-26697: Qi Sun and Robert Ai of Trend Micro\n\nAppleScript\nAvailable for: macOS Catalina\nImpact: Processing a maliciously crafted AppleScript binary may\nresult in unexpected application termination or disclosure of process\nmemory\nDescription: An out-of-bounds read was addressed with improved bounds\nchecking. \nCVE-2022-26698: Qi Sun of Trend Micro\n\nCoreTypes\nAvailable for: macOS Catalina\nImpact: A malicious application may bypass Gatekeeper checks\nDescription: This issue was addressed with improved checks to prevent\nunauthorized actions. \nCVE-2022-22663: Arsenii Kostromin (0x3c3e)\n\nCVMS\nAvailable for: macOS Catalina\nImpact: A malicious application may be able to gain root privileges\nDescription: A memory initialization issue was addressed. \nCVE-2022-26721: Yonghwi Jin (@jinmo123) of Theori\nCVE-2022-26722: Yonghwi Jin (@jinmo123) of Theori\n\nDriverKit\nAvailable for: macOS Catalina\nImpact: A malicious application may be able to execute arbitrary code\nwith system privileges\nDescription: An out-of-bounds access issue was addressed with\nimproved bounds checking. \nCVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de)\n\nGraphics Drivers\nAvailable for: macOS Catalina\nImpact: A local user may be able to read kernel memory\nDescription: An out-of-bounds read issue existed that led to the\ndisclosure of kernel memory. This was addressed with improved input\nvalidation. \nCVE-2022-22674: an anonymous researcher\n\nIntel Graphics Driver\nAvailable for: macOS Catalina\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-26720: Liu Long of Ant Security Light-Year Lab\n\nIntel Graphics Driver\nAvailable for: macOS Catalina\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: An out-of-bounds read issue was addressed with improved\ninput validation. \nCVE-2022-26770: Liu Long of Ant Security Light-Year Lab\n\nIntel Graphics Driver\nAvailable for: macOS Catalina\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: An out-of-bounds write issue was addressed with improved\ninput validation. \nCVE-2022-26756: Jack Dates of RET2 Systems, Inc\n\nIntel Graphics Driver\nAvailable for: macOS Catalina\nImpact: A malicious application may be able to execute arbitrary code\nwith kernel privileges\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2022-26769: Antonio Zekic (@antoniozekic)\n\nIntel Graphics Driver\nAvailable for: macOS Catalina\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: An out-of-bounds write issue was addressed with improved\ninput validation. \nCVE-2022-26748: Jeonghoon Shin of Theori working with Trend Micro\nZero Day Initiative\n\nKernel\nAvailable for: macOS Catalina\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nvalidation. \nCVE-2022-26714: Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng (@peternguyen14) of STAR Labs\n(@starlabs_sg)\n\nKernel\nAvailable for: macOS Catalina\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2022-26757: Ned Williamson of Google Project Zero\n\nlibresolv\nAvailable for: macOS Catalina\nImpact: An attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An integer overflow was addressed with improved input\nvalidation. \nCVE-2022-26775: Max Shavrick (@_mxms) of the Google Security Team\n\nLibreSSL\nAvailable for: macOS Catalina\nImpact: Processing a maliciously crafted certificate may lead to a\ndenial of service\nDescription: A denial of service issue was addressed with improved\ninput validation. \nCVE-2022-0778\n\nlibxml2\nAvailable for: macOS Catalina\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2022-23308\n\nOpenSSL\nAvailable for: macOS Catalina\nImpact: Processing a maliciously crafted certificate may lead to a\ndenial of service\nDescription: This issue was addressed with improved checks. \nCVE-2022-0778\n\nPackageKit\nAvailable for: macOS Catalina\nImpact: A malicious application may be able to modify protected parts\nof the file system\nDescription: This issue was addressed with improved entitlements. \nCVE-2022-26727: Mickey Jin (@patch1t)\n\nPrinting\nAvailable for: macOS Catalina\nImpact: A malicious application may be able to bypass Privacy\npreferences\nDescription: This issue was addressed by removing the vulnerable\ncode. \nCVE-2022-26746: @gorelics\n\nSecurity\nAvailable for: macOS Catalina\nImpact: A malicious app may be able to bypass signature validation\nDescription: A certificate parsing issue was addressed with improved\nchecks. \nCVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de)\n\nSMB\nAvailable for: macOS Catalina\nImpact: An application may be able to gain elevated privileges\nDescription: An out-of-bounds write issue was addressed with improved\nbounds checking. \nCVE-2022-26715: Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng of STAR Labs\n\nSoftwareUpdate\nAvailable for: macOS Catalina\nImpact: A malicious application may be able to access restricted\nfiles\nDescription: This issue was addressed with improved entitlements. \nCVE-2022-26728: Mickey Jin (@patch1t)\n\nTCC\nAvailable for: macOS Catalina\nImpact: An app may be able to capture a user\u0027s screen\nDescription: This issue was addressed with improved checks. \nCVE-2022-26726: an anonymous researcher\n\nTcl\nAvailable for: macOS Catalina\nImpact: A malicious application may be able to break out of its\nsandbox\nDescription: This issue was addressed with improved environment\nsanitization. \nCVE-2022-26755: Arsenii Kostromin (0x3c3e)\n\nWebKit\nAvailable for: macOS Catalina\nImpact: Processing a maliciously crafted mail message may lead to\nrunning arbitrary javascript\nDescription: A validation issue was addressed with improved input\nsanitization. \nCVE-2022-22589: Heige of KnownSec 404 Team (knownsec.com) and Bo Qu\nof Palo Alto Networks (paloaltonetworks.com)\n\nWi-Fi\nAvailable for: macOS Catalina\nImpact: An application may be able to execute arbitrary code with\nkernel privileges\nDescription: A memory corruption issue was addressed with improved\nmemory handling. \nCVE-2022-26761: Wang Yu of Cyberserval\n\nzip\nAvailable for: macOS Catalina\nImpact: Processing a maliciously crafted file may lead to a denial of\nservice\nDescription: A denial of service issue was addressed with improved\nstate handling. \nCVE-2022-0530\n\nzlib\nAvailable for: macOS Catalina\nImpact: An attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2018-25032: Tavis Ormandy\n\nzsh\nAvailable for: macOS Catalina\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: This issue was addressed by updating to zsh version\n5.8.1. \nCVE-2021-45444\n\nAdditional recognition\n\nPackageKit\nWe would like to acknowledge Mickey Jin (@patch1t) of Trend Micro for\ntheir assistance. \n\nSecurity Update 2022-004 Catalina may be obtained from the Mac App\nStore or Apple\u0027s Software Downloads web site:\nhttps://support.apple.com/downloads/\nAll information is also posted on the Apple Security Updates\nweb site: https://support.apple.com/en-us/HT201222. \n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\n\niQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmKC1TYACgkQeC9qKD1p\nrhjgGRAAggg84uE4zYtBHmo5Qz45wlY/+FT7bSyCyo2Ta0m3JQmm26UiS9ZzXlD0\n58jCo/ti+gH/gqwU05SnaG88pSMT6VKaDDnmw8WcrPtbl6NN6JX8vaZLFLoGO0dB\nrjwap7ulcLe7/HM8kCz3qqjKj4fusxckCjmm5yBMtuMklq7i51vzkT/+ws00ALcH\n4S821CqIJlS2RIho/M/pih5A/H1Onw/nzKc7VOWjWMmmwoV+oiL4gMPE9kyIAJFQ\nNcZO7s70Qp9N5Z0VGIkD5HkAntEqYGNKJuCQUrHS0fHFUxVrQcuBbbSiv7vwnOT0\nNVcFKBQWJtfcqmtcDF8mVi2ocqUh7So6AXhZGZtL3CrVfNMgTcjq6y5XwzXMgwlm\nezMX73MnV91QuGp6KVZEmoFNlJ2dhKcJ0fYAhhW9DJqvJ1u5xIkQrUkK/ERLnWpE\n9DIapT8uUbb9Zgez/tS9szv5jHhKtOoPbprju7d7LHw7XMFCVKbUvx745dFZx0AG\nPLsJZQNsQZJIK8QdcLA50KrlyjR2ts4nUsKj07I6LR4wUmcaj+goXYq4Nh4WLnoF\nx1AXD5ztdYlhqMcTAnuAbUYfuki0uzSy0p7wBiTknFwKMZNIaiToo64BES+7Iu1i\nvrB9SdtTSQCMXgPZX1Al1e2F/K2ubovrGU9geAEwLMq3AKudI4g=\n=JBHs\n-----END PGP SIGNATURE-----\n\n\n. Description:\n\nRed Hat Openshift GitOps is a declarative way to implement continuous\ndeployment for cloud native applications. \n\nSecurity Fix(es):\n\n* argocd: vulnerable to a variety of attacks when an SSO login is initiated\nfrom the Argo CD CLI or the UI. Bugs fixed (https://bugzilla.redhat.com/):\n\n2096278 - CVE-2022-31035 argocd: cross-site scripting (XSS) allow a malicious user to inject a javascript link in the UI\n2096282 - CVE-2022-31034 argocd: vulnerable to a variety of attacks when an SSO login is initiated from the Argo CD CLI or the UI. \n2096283 - CVE-2022-31016 argocd: vulnerable to an uncontrolled memory consumption bug\n2096291 - CVE-2022-31036 argocd: vulnerable to a symlink following bug allowing a malicious user with repository write access\n\n5. Description:\n\nRelease of RHACS 3.69.2\n\nSecurity Fix(es):\n\n* stackrox: Improper sanitization allows users to retrieve Notifier secrets\nfrom GraphQL API in plaintext (CVE-2022-1902)\n\n3. Solution:\n\nIf you are using the RHACS 3.69.1, you are advised to upgrade to patch\nrelease 3.69.2. Bugs fixed (https://bugzilla.redhat.com/):\n\n2090957 - CVE-2022-1902 stackrox: Improper sanitization allows users to retrieve Notifier secrets from GraphQL API in plaintext\n\n5. Summary:\n\nOpenShift Serverless version 1.22.1 contains a moderate security impact. \n\nThis release includes security and bug fixes, and enhancements. Bugs fixed (https://bugzilla.redhat.com/):\n\n2053429 - CVE-2022-23806 golang: crypto/elliptic IsOnCurve returns true for invalid field elements\n2053532 - CVE-2022-23772 golang: math/big: uncontrolled memory consumption due to an unhandled overflow via Rat.SetString\n2053541 - CVE-2022-23773 golang: cmd/go: misinterpretation of branch names can lead to incorrect access control\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nSRVKE-1217 - New KafkaSource implementation does not default to PLAIN for SASL\n\n6. 6 ELS) - i386, s390x, x86_64\n\n3. Description:\n\nThe zlib packages provide a general-purpose lossless data compression\nlibrary that is used by many different programs. Bugs fixed (https://bugzilla.redhat.com/):\n\n2067945 - CVE-2018-25032 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs\n\n6. ==========================================================================\nUbuntu Security Notice USN-6736-1\nApril 16, 2024\n\nklibc vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 23.10\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 16.04 LTS (Available with Ubuntu Pro)\n- Ubuntu 14.04 LTS (Available with Ubuntu Pro)\n\nSummary:\n\nSeveral security issues were fixed in klibc. \n\nSoftware Description:\n- klibc: small utilities built with klibc for early boot\n\nDetails:\n\nIt was discovered that zlib, vendored in klibc, incorrectly handled pointer\narithmetic. (CVE-2016-9840, CVE-2016-9841)\n\nDanilo Ramos discovered that zlib, vendored in klibc, incorrectly handled\nmemory when performing certain deflating operations. \n(CVE-2018-25032)\n\nEvgeny Legerov discovered that zlib, vendored in klibc, incorrectly handled\nmemory when performing certain inflate operations. \n(CVE-2022-37434)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 23.10:\n   klibc-utils                    2.0.13-1ubuntu0.1\n   libklibc                        2.0.13-1ubuntu0.1\n\nUbuntu 22.04 LTS:\n   klibc-utils                    2.0.10-4ubuntu0.1\n   libklibc                        2.0.10-4ubuntu0.1\n\nUbuntu 20.04 LTS:\n   klibc-utils                    2.0.7-1ubuntu5.2\n   libklibc                        2.0.7-1ubuntu5.2\n\nUbuntu 18.04 LTS (Available with Ubuntu Pro):\n   klibc-utils                    2.0.4-9ubuntu2.2+esm1\n   libklibc                        2.0.4-9ubuntu2.2+esm1\n\nUbuntu 16.04 LTS (Available with Ubuntu Pro):\n   klibc-utils                    2.0.4-8ubuntu1.16.04.4+esm2\n   libklibc                        2.0.4-8ubuntu1.16.04.4+esm2\n\nUbuntu 14.04 LTS (Available with Ubuntu Pro):\n   klibc-utils                    2.0.3-0ubuntu1.14.04.3+esm3\n   libklibc                        2.0.3-0ubuntu1.14.04.3+esm3\n\nIn general, a standard system update will make all the necessary changes",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-25032"
      },
      {
        "db": "VULHUB",
        "id": "VHN-418557"
      },
      {
        "db": "PACKETSTORM",
        "id": "169403"
      },
      {
        "db": "PACKETSTORM",
        "id": "168696"
      },
      {
        "db": "PACKETSTORM",
        "id": "167400"
      },
      {
        "db": "PACKETSTORM",
        "id": "168011"
      },
      {
        "db": "PACKETSTORM",
        "id": "167189"
      },
      {
        "db": "PACKETSTORM",
        "id": "167594"
      },
      {
        "db": "PACKETSTORM",
        "id": "167591"
      },
      {
        "db": "PACKETSTORM",
        "id": "167346"
      },
      {
        "db": "PACKETSTORM",
        "id": "167134"
      },
      {
        "db": "PACKETSTORM",
        "id": "178074"
      }
    ],
    "trust": 1.89
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-418557",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-418557"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-25032",
        "trust": 2.1
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2022/03/28/3",
        "trust": 1.1
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2022/03/26/1",
        "trust": 1.1
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2022/03/28/1",
        "trust": 1.1
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2022/03/24/1",
        "trust": 1.1
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2022/03/25/2",
        "trust": 1.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-333517",
        "trust": 1.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167400",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "167346",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "168696",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "167134",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "167594",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "167591",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "168011",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "167189",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "166552",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167133",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "168352",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "168042",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "166967",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167327",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167391",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167381",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167122",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167956",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167088",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167142",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "171157",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167225",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "169897",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167140",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167008",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167602",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167277",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167330",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "169782",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167485",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "166946",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167679",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167334",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167116",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167389",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "166563",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "166555",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167223",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "170003",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167555",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "168036",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167224",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167568",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167260",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167364",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167461",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "171152",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167188",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167271",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167936",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167138",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167586",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167186",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167281",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "169624",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167470",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167265",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "166970",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "168392",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167119",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167136",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167674",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167622",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167124",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "167486",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-418557",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "169403",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "178074",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-418557"
      },
      {
        "db": "PACKETSTORM",
        "id": "169403"
      },
      {
        "db": "PACKETSTORM",
        "id": "168696"
      },
      {
        "db": "PACKETSTORM",
        "id": "167400"
      },
      {
        "db": "PACKETSTORM",
        "id": "168011"
      },
      {
        "db": "PACKETSTORM",
        "id": "167189"
      },
      {
        "db": "PACKETSTORM",
        "id": "167594"
      },
      {
        "db": "PACKETSTORM",
        "id": "167591"
      },
      {
        "db": "PACKETSTORM",
        "id": "167346"
      },
      {
        "db": "PACKETSTORM",
        "id": "167134"
      },
      {
        "db": "PACKETSTORM",
        "id": "178074"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-25032"
      }
    ]
  },
  "id": "VAR-202203-1690",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-418557"
      }
    ],
    "trust": 0.6566514
  },
  "last_update_date": "2024-11-29T21:27:46.168000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-418557"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-25032"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.1,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
      },
      {
        "trust": 1.1,
        "url": "https://security.netapp.com/advisory/ntap-20220729-0004/"
      },
      {
        "trust": 1.1,
        "url": "https://github.com/madler/zlib/compare/v1.2.11...v1.2.12"
      },
      {
        "trust": 1.1,
        "url": "https://security.netapp.com/advisory/ntap-20220526-0009/"
      },
      {
        "trust": 1.1,
        "url": "https://support.apple.com/kb/ht213255"
      },
      {
        "trust": 1.1,
        "url": "https://support.apple.com/kb/ht213256"
      },
      {
        "trust": 1.1,
        "url": "https://support.apple.com/kb/ht213257"
      },
      {
        "trust": 1.1,
        "url": "https://www.debian.org/security/2022/dsa-5111"
      },
      {
        "trust": 1.1,
        "url": "http://seclists.org/fulldisclosure/2022/may/38"
      },
      {
        "trust": 1.1,
        "url": "http://seclists.org/fulldisclosure/2022/may/35"
      },
      {
        "trust": 1.1,
        "url": "http://seclists.org/fulldisclosure/2022/may/33"
      },
      {
        "trust": 1.1,
        "url": "https://security.gentoo.org/glsa/202210-42"
      },
      {
        "trust": 1.1,
        "url": "https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531"
      },
      {
        "trust": 1.1,
        "url": "https://github.com/madler/zlib/issues/605"
      },
      {
        "trust": 1.1,
        "url": "https://www.openwall.com/lists/oss-security/2022/03/24/1"
      },
      {
        "trust": 1.1,
        "url": "https://www.openwall.com/lists/oss-security/2022/03/28/1"
      },
      {
        "trust": 1.1,
        "url": "https://www.openwall.com/lists/oss-security/2022/03/28/3"
      },
      {
        "trust": 1.1,
        "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2022/04/msg00000.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00008.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00023.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.openwall.com/lists/oss-security/2022/03/25/2"
      },
      {
        "trust": 1.1,
        "url": "http://www.openwall.com/lists/oss-security/2022/03/26/1"
      },
      {
        "trust": 1.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-25032"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/dczfijbjtz7cl5qxbfktq22q26vinruf/"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/df62mvmh3qugmbdcb3dy2erq6ebhtadb/"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/jzzptwryqulaol3aw7rzjnvz2uonxcv4/"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ns2d2gfpfgojul4wq3duay7hf4vwq77f/"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/voknp2l734ael47nrygvzikefoubqy5y/"
      },
      {
        "trust": 1.0,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xokfmsnq5d5wgmalbnbxu3ge442v74wu/"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/security/cve/cve-2018-25032"
      },
      {
        "trust": 0.7,
        "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.7,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.6,
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/cve/cve-2022-1271"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1271"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2022-23852"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0778"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2022-0778"
      },
      {
        "trust": 0.2,
        "url": "https://issues.jboss.org/):"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-3634"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-3737"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3737"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3634"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4189"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2021-4189"
      },
      {
        "trust": 0.1,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/voknp2l734ael47nrygvzikefoubqy5y/"
      },
      {
        "trust": 0.1,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/jzzptwryqulaol3aw7rzjnvz2uonxcv4/"
      },
      {
        "trust": 0.1,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ns2d2gfpfgojul4wq3duay7hf4vwq77f/"
      },
      {
        "trust": 0.1,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/df62mvmh3qugmbdcb3dy2erq6ebhtadb/"
      },
      {
        "trust": 0.1,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/dczfijbjtz7cl5qxbfktq22q26vinruf/"
      },
      {
        "trust": 0.1,
        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xokfmsnq5d5wgmalbnbxu3ge442v74wu/"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "https://security-tracker.debian.org/tracker/zlib"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-0494"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1798"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-29154"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-29154"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-2526"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-2526"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0494"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2022:6890"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-1353"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-1798"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1353"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-23852"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4083"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2022:4896"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-4083"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-25636"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-25636"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-24903"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-4028"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/articles/2974891"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-24903"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-4028"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-37750"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-3867"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-9805"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-3894"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-9807"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-3899"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-30761"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8743"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-14502"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8743"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8823"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2016-10228"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-1000858"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-3900"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-9894"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-33938"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-27618"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8782"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-10228"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8771"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-9952"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8846"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-24407"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-9915"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8783"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-36222"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8625"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-3326"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8813"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-9806"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-3885"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-9802"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-20305"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8764"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-22946"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8769"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8710"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2018-1000858"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-10018"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-9895"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8811"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8710"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-14502"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-15358"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8819"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-3862"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-13050"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-3868"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-29361"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-9169"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-3895"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-3865"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-3518"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-33930"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-14391"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-3864"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-9862"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-3541"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-33929"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-29362"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8835"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-14889"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8816"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-8927"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-3897"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8808"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13627"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-3520"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20454"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8625"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-27218"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-22947"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8766"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-11793"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-9803"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-3521"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-9850"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-25013"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-3537"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-30666"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-3517"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-33928"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-30631"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8820"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-9893"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14889"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-1730"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8844"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-20807"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-3516"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-3902"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2022:5924"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8814"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-13434"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8812"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-25013"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8815"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-9843"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-20454"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-3901"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-8720"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-30762"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13050"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2019-13627"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-29363"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20807"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-9925"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2020-15503"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8720"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/downloads/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22721"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-23308"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/ht213255."
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22589"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22663"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26726"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-44790"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22674"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26714"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-0530"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-44224"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26698"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22719"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26727"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26728"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26697"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26748"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26721"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-45444"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26720"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22720"
      },
      {
        "trust": 0.1,
        "url": "https://www.apple.com/support/security/pgp/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-22665"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26715"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26722"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-26746"
      },
      {
        "trust": 0.1,
        "url": "https://support.apple.com/en-us/ht201222."
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-31036"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-31034"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2022:5187"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-31035"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-31034"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-31016"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-31035"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-31016"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-31036"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2022:5188"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1154"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-23222"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-23222"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-1154"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3672"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-25219"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-1902"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-3672"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-1902"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2021-25219"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-23773"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.9/html/serverless/index"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-23806"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.8/html/serverless/index"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.10/html/serverless/index"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-23806"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.6/html/serverless/index"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-23772"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-23773"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.7/html/serverless/index"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2022:4863"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2022-23772"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/errata/rhsa-2022:2214"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/klibc/2.0.10-4ubuntu0.1"
      },
      {
        "trust": 0.1,
        "url": "https://ubuntu.com/security/notices/usn-6736-1"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-9840"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/klibc/2.0.13-1ubuntu0.1"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-37434"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/klibc/2.0.7-1ubuntu5.2"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-418557"
      },
      {
        "db": "PACKETSTORM",
        "id": "169403"
      },
      {
        "db": "PACKETSTORM",
        "id": "168696"
      },
      {
        "db": "PACKETSTORM",
        "id": "167400"
      },
      {
        "db": "PACKETSTORM",
        "id": "168011"
      },
      {
        "db": "PACKETSTORM",
        "id": "167189"
      },
      {
        "db": "PACKETSTORM",
        "id": "167594"
      },
      {
        "db": "PACKETSTORM",
        "id": "167591"
      },
      {
        "db": "PACKETSTORM",
        "id": "167346"
      },
      {
        "db": "PACKETSTORM",
        "id": "167134"
      },
      {
        "db": "PACKETSTORM",
        "id": "178074"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-25032"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-418557"
      },
      {
        "db": "PACKETSTORM",
        "id": "169403"
      },
      {
        "db": "PACKETSTORM",
        "id": "168696"
      },
      {
        "db": "PACKETSTORM",
        "id": "167400"
      },
      {
        "db": "PACKETSTORM",
        "id": "168011"
      },
      {
        "db": "PACKETSTORM",
        "id": "167189"
      },
      {
        "db": "PACKETSTORM",
        "id": "167594"
      },
      {
        "db": "PACKETSTORM",
        "id": "167591"
      },
      {
        "db": "PACKETSTORM",
        "id": "167346"
      },
      {
        "db": "PACKETSTORM",
        "id": "167134"
      },
      {
        "db": "PACKETSTORM",
        "id": "178074"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-25032"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-03-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-418557"
      },
      {
        "date": "2022-04-28T19:12:00",
        "db": "PACKETSTORM",
        "id": "169403"
      },
      {
        "date": "2022-10-12T13:22:05",
        "db": "PACKETSTORM",
        "id": "168696"
      },
      {
        "date": "2022-06-06T14:54:18",
        "db": "PACKETSTORM",
        "id": "167400"
      },
      {
        "date": "2022-08-09T14:36:05",
        "db": "PACKETSTORM",
        "id": "168011"
      },
      {
        "date": "2022-05-17T16:59:55",
        "db": "PACKETSTORM",
        "id": "167189"
      },
      {
        "date": "2022-06-27T16:44:20",
        "db": "PACKETSTORM",
        "id": "167594"
      },
      {
        "date": "2022-06-27T16:41:09",
        "db": "PACKETSTORM",
        "id": "167591"
      },
      {
        "date": "2022-06-01T17:29:48",
        "db": "PACKETSTORM",
        "id": "167346"
      },
      {
        "date": "2022-05-12T15:51:14",
        "db": "PACKETSTORM",
        "id": "167134"
      },
      {
        "date": "2024-04-16T14:05:51",
        "db": "PACKETSTORM",
        "id": "178074"
      },
      {
        "date": "2022-03-25T09:15:08.187000",
        "db": "NVD",
        "id": "CVE-2018-25032"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-02-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-418557"
      },
      {
        "date": "2023-11-07T02:56:26.393000",
        "db": "NVD",
        "id": "CVE-2018-25032"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "168011"
      }
    ],
    "trust": 0.1
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Debian Security Advisory 5111-1",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "169403"
      }
    ],
    "trust": 0.1
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "arbitrary",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "169403"
      },
      {
        "db": "PACKETSTORM",
        "id": "178074"
      }
    ],
    "trust": 0.2
  }
}

var-202212-1133
Vulnerability from variot

Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system. ruggedcom rm1224 lte(4g) eu firmware, ruggedcom rm1224 lte(4g) nam firmware, scalance m804pb Multiple Siemens products, including firmware, contain vulnerabilities related to the use of cryptographic algorithms.Information may be obtained

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202212-1133",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "scalance xr552-12m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wam766-1 ecc",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xm416-4c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr326-2c poe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc642-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance xc224-4c g eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr328-4c wg",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w734-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus net scalance xc206-2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc632-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance w788-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus net scalance xc208",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp208poe eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w738-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xr524-8c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance s615 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance m874-2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xc206-2sfp eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc646-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "ruggedcom rm1224 lte\\ eu",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xf204-2bca dna",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc224",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xb208",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2g poe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc224-4c g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w786-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w748-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance w786-2 sfp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216-4c g eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "siplus net scalance xc206-2sfp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wum766-1 6ghz",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp208",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m826-2 shdsl-router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance w778-1 m12 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr528-6m",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m876-3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xr326-2c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w778-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w788-2 m12 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xb213-3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wum766-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp216eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc636-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance w788-2 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance mum853-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "siplus net scalance xc216-4c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216-4c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2sfp g eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m804pb",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance w774-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w1788-2ia m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr526-8c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2g poe eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216-4c g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w721-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance mum856-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "ruggedcom rm1224 lte\\ nam",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xb205-3ld",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xb216",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m874-3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xf204-2ba",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w1788-2 eec m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xb205-3",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w786-2 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc622-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance w761-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216-3g poe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xf204 dna",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance s615",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance wum763-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xr324wg",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wam763-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xm408-8c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2sfp g",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w774-1 m12 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance wam766-1 6ghz",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w786-2ia rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m812-1 adsl-router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance wam766-1",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w774-1 m12 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xb213-3ld",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc206-2",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xm408-4c",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m816-1 adsl-router",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance w788-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp208eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w1788-2 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w722-1 rj45",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance w1748-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc208 poe",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance m876-4",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "*"
      },
      {
        "model": "scalance xc206-2sfp",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance w1788-1 m12",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc208",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc216",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance sc626-2c",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3"
      },
      {
        "model": "scalance xc216eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xc208 eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp216",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xf204",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance xp216poe eec",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "siemens",
        "version": null
      },
      {
        "model": "scalance s615 eec",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m812-1 adsl-router",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m876-4",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance s615",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "ruggedcom rm1224 lte eu",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-622-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-636-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "ruggedcom rm1224 lte nam",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m816-1 adsl-router",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance mum856-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m876-3",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc626-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m874-3",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-642-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance mum853-1",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m826-2 shdsl-router",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m804pb",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-646-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance sc-632-2c",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      },
      {
        "model": "scalance m874-2",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023551"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46140"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens reported these vulnerabilities to CISA.",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3091"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2022-46140",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "productcert@siemens.com",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "id": "CVE-2022-46140",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 2.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "OTHER",
            "availabilityImpact": "None",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2022-023551",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "productcert@siemens.com",
            "id": "CVE-2022-46140",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-46140",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "OTHER",
            "id": "JVNDB-2022-023551",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202212-3091",
            "trust": 0.6,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023551"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3091"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46140"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46140"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the system. ruggedcom rm1224 lte(4g) eu firmware, ruggedcom rm1224 lte(4g) nam firmware, scalance m804pb Multiple Siemens products, including firmware, contain vulnerabilities related to the use of cryptographic algorithms.Information may be obtained",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-46140"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023551"
      }
    ],
    "trust": 1.62
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-46140",
        "trust": 3.2
      },
      {
        "db": "SIEMENS",
        "id": "SSA-413565",
        "trust": 2.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-22-349-04",
        "trust": 1.4
      },
      {
        "db": "JVN",
        "id": "JVNVU91561630",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023551",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3091",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023551"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3091"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46140"
      }
    ]
  },
  "id": "VAR-202212-1133",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.6398166875
  },
  "last_update_date": "2024-08-14T12:05:03.547000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Siemens part of the product Fixes for encryption problem vulnerabilities",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=218340"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3091"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-327",
        "trust": 1.0
      },
      {
        "problemtype": "Use of incomplete or dangerous cryptographic algorithms (CWE-327) [ others ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023551"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46140"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu91561630/"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-46140"
      },
      {
        "trust": 0.8,
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-04"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-46140/"
      },
      {
        "trust": 0.6,
        "url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-349-04"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023551"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3091"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46140"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023551"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3091"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-46140"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-11-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-023551"
      },
      {
        "date": "2022-12-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202212-3091"
      },
      {
        "date": "2022-12-13T16:15:25.007000",
        "db": "NVD",
        "id": "CVE-2022-46140"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-11-29T03:03:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-023551"
      },
      {
        "date": "2022-12-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202212-3091"
      },
      {
        "date": "2023-03-14T10:15:23.297000",
        "db": "NVD",
        "id": "CVE-2022-46140"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3091"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerabilities related to the use of cryptographic algorithms in multiple Siemens products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-023551"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "encryption problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202212-3091"
      }
    ],
    "trust": 0.6
  }
}