CVE-2022-29952 (GCVE-0-2022-29952)

Vulnerability from cvelistv5 – Published: 2022-07-26 21:42 – Updated: 2024-08-03 06:33
VLAI?
Summary
Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols (60005/TCP, 60007/TCP) for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration (BNMC) software. These protocols provide configuration management and historical data related functionality. Neither protocol has any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:33:43.189Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.forescout.com/blog/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols (60005/TCP, 60007/TCP) for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration (BNMC) software. These protocols provide configuration management and historical data related functionality. Neither protocol has any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-26T21:42:17",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.forescout.com/blog/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-29952",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols (60005/TCP, 60007/TCP) for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration (BNMC) software. These protocols provide configuration management and historical data related functionality. Neither protocol has any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.forescout.com/blog/",
              "refsource": "MISC",
              "url": "https://www.forescout.com/blog/"
            },
            {
              "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-02",
              "refsource": "MISC",
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-29952",
    "datePublished": "2022-07-26T21:42:17",
    "dateReserved": "2022-04-29T00:00:00",
    "dateUpdated": "2024-08-03T06:33:43.189Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:bakerhughes:bently_nevada_3701\\\\/40_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.1\", \"matchCriteriaId\": \"0D92B5C5-BA42-4F57-843D-AE5CCD018755\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:bakerhughes:bently_nevada_3701\\\\/40:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"43F3A6C3-FAFA-4798-A861-280C86C86792\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:bakerhughes:bently_nevada_3701\\\\/44_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.1\", \"matchCriteriaId\": \"DE58522B-45F7-43DE-B30C-803238E24CF6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:bakerhughes:bently_nevada_3701\\\\/44:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55145ED4-ABB2-4ABF-815F-D7B9F93B2FB0\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:bakerhughes:bently_nevada_3701\\\\/46_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.1\", \"matchCriteriaId\": \"2C076FF4-8D1E-4370-BF9E-91056543F423\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:bakerhughes:bently_nevada_3701\\\\/46:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5182FFD7-A4A2-4E81-907E-F25EA9EA6251\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:bakerhughes:bently_nevada_60m100_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"268F94F1-8636-4A4C-8821-87C55CC1458D\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:bakerhughes:bently_nevada_60m100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B43A4AA-BDFD-4AD1-80BF-686F8F8D517C\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols (60005/TCP, 60007/TCP) for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration (BNMC) software. These protocols provide configuration management and historical data related functionality. Neither protocol has any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality.\"}, {\"lang\": \"es\", \"value\": \"El equipo de monitoreo de condiciones de Bently Nevada versiones hasta 29-04-2022, maneja inapropiadamente la autenticaci\\u00f3n. Usa los protocolos de comandos y datos TDI (60005/TCP, 60007/TCP) para las comunicaciones entre el controlador de monitorizaci\\u00f3n y el Sistema 1 y/o el software Bently Nevada Monitor Configuration (BNMC). Estos protocolos proporcionan la administraci\\u00f3n de la configuraci\\u00f3n y la funcionalidad relacionada con los datos hist\\u00f3ricos. Ninguno de los dos protocolos presenta caracter\\u00edsticas de autenticaci\\u00f3n, permitiendo a cualquier atacante capaz de comunicarse con los puertos en cuesti\\u00f3n invocar (un subconjunto de) la funcionalidad deseada.\"}]",
      "id": "CVE-2022-29952",
      "lastModified": "2024-11-21T07:00:03.173",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\", \"baseScore\": 9.1, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.2}]}",
      "published": "2022-07-26T22:15:10.843",
      "references": "[{\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-02\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mitigation\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.forescout.com/blog/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-02\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"https://www.forescout.com/blog/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-306\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-29952\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-07-26T22:15:10.843\",\"lastModified\":\"2024-11-21T07:00:03.173\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols (60005/TCP, 60007/TCP) for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration (BNMC) software. These protocols provide configuration management and historical data related functionality. Neither protocol has any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality.\"},{\"lang\":\"es\",\"value\":\"El equipo de monitoreo de condiciones de Bently Nevada versiones hasta 29-04-2022, maneja inapropiadamente la autenticaci\u00f3n. Usa los protocolos de comandos y datos TDI (60005/TCP, 60007/TCP) para las comunicaciones entre el controlador de monitorizaci\u00f3n y el Sistema 1 y/o el software Bently Nevada Monitor Configuration (BNMC). Estos protocolos proporcionan la administraci\u00f3n de la configuraci\u00f3n y la funcionalidad relacionada con los datos hist\u00f3ricos. Ninguno de los dos protocolos presenta caracter\u00edsticas de autenticaci\u00f3n, permitiendo a cualquier atacante capaz de comunicarse con los puertos en cuesti\u00f3n invocar (un subconjunto de) la funcionalidad deseada.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:bakerhughes:bently_nevada_3701\\\\/40_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"0D92B5C5-BA42-4F57-843D-AE5CCD018755\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:bakerhughes:bently_nevada_3701\\\\/40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"43F3A6C3-FAFA-4798-A861-280C86C86792\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:bakerhughes:bently_nevada_3701\\\\/44_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"DE58522B-45F7-43DE-B30C-803238E24CF6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:bakerhughes:bently_nevada_3701\\\\/44:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55145ED4-ABB2-4ABF-815F-D7B9F93B2FB0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:bakerhughes:bently_nevada_3701\\\\/46_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1\",\"matchCriteriaId\":\"2C076FF4-8D1E-4370-BF9E-91056543F423\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:bakerhughes:bently_nevada_3701\\\\/46:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5182FFD7-A4A2-4E81-907E-F25EA9EA6251\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:bakerhughes:bently_nevada_60m100_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"268F94F1-8636-4A4C-8821-87C55CC1458D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:bakerhughes:bently_nevada_60m100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B43A4AA-BDFD-4AD1-80BF-686F8F8D517C\"}]}]}],\"references\":[{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-02\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.forescout.com/blog/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/uscert/ics/advisories/icsa-22-188-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://www.forescout.com/blog/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.