Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2023-AVI-0298
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Siemens | N/A | Solid Edge SE2023 avec KeyShot 11 versions antérieures à V2023.1 | ||
| Siemens | N/A | TIA Portal V18 versions antérieures à V18 Update 1 | ||
| Siemens | N/A | TeleControl Server Basic V3 | ||
| Siemens | N/A | Polarion ALM versions antérieures à V2304.0 | ||
| Siemens | N/A | CP-8031 MASTER MODULE (6MF2803-1AA00) et CP-8050 MASTER MODULE (6MF2805-0AA00) versions antérieures à CPCI85 V05 | ||
| Siemens | N/A | TIA Portal V15, V16 et V17 | ||
| Siemens | N/A | JT2Go versions antérieures à V14.2.0.2 | ||
| Siemens | N/A | De nombreuses références SIPROTEC, SCALANCE, SIMATIC et SIPLUS, se référer aux bulletins de sécurité de l'éditeur pour la liste complète | ||
| Siemens | N/A | SIMATIC S7-400 PN/DP CPU family | ||
| Siemens | N/A | Teamcenter Visualization V13.2 versions antérieures à V13.2.0.13 | ||
| Siemens | N/A | Mendix Forgot Password (Mendix 8 compatible) versions antérieures à V4.1.1 | ||
| Siemens | N/A | Mendix Forgot Password (Mendix 9 compatible) versions antérieures à V5.1.1 | ||
| Siemens | N/A | SIMATIC CP 443-1 Advanced versions antérieures à V3.2.17 | ||
| Siemens | N/A | SIMATIC CP 343-1 Advanced versions antérieures à V3.0.53 | ||
| Siemens | N/A | Teamcenter Visualization V14.0 versions antérieures à V14.0.0.5 | ||
| Siemens | N/A | SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions antérieures à V2.2 | ||
| Siemens | N/A | JT Open versions antérieures à V11.3.2.0 | ||
| Siemens | N/A | Teamcenter Visualization V14.2 versions antérieures à V14.2.0.2 | ||
| Siemens | N/A | Mendix Forgot Password (Mendix 7 compatible) versions antérieures à V3.7.1 | ||
| Siemens | N/A | JT Utilities versions antérieures à V13.3.0.0 | ||
| Siemens | N/A | Teamcenter Visualization V13.3 versions antérieures à V13.3.0.9 | ||
| Siemens | N/A | OpenPCS 7 V9.1 | ||
| Siemens | N/A | SIMATIC S7-300 CPU family versions antérieures à V3.X.18 | ||
| Siemens | N/A | Teamcenter Visualization V14.1 versions antérieures à V14.1.0.7 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Solid Edge SE2023 avec KeyShot 11 versions ant\u00e9rieures \u00e0 V2023.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIA Portal V18 versions ant\u00e9rieures \u00e0 V18 Update 1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TeleControl Server Basic V3",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Polarion ALM versions ant\u00e9rieures \u00e0 V2304.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "CP-8031 MASTER MODULE (6MF2803-1AA00) et CP-8050 MASTER MODULE (6MF2805-0AA00) versions ant\u00e9rieures \u00e0 CPCI85 V05",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "TIA Portal V15, V16 et V17",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "JT2Go versions ant\u00e9rieures \u00e0 V14.2.0.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "De nombreuses r\u00e9f\u00e9rences SIPROTEC, SCALANCE, SIMATIC et SIPLUS, se r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour la liste compl\u00e8te",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-400 PN/DP CPU family",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Visualization V13.2 versions ant\u00e9rieures \u00e0 V13.2.0.13",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix Forgot Password (Mendix 8 compatible) versions ant\u00e9rieures \u00e0 V4.1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix Forgot Password (Mendix 9 compatible) versions ant\u00e9rieures \u00e0 V5.1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 443-1 Advanced versions ant\u00e9rieures \u00e0 V3.2.17",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC CP 343-1 Advanced versions ant\u00e9rieures \u00e0 V3.0.53",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Visualization V14.0 versions ant\u00e9rieures \u00e0 V14.0.0.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SCALANCE XCM332 (6GK5332-0GA01-2AC2) versions ant\u00e9rieures \u00e0 V2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "JT Open versions ant\u00e9rieures \u00e0 V11.3.2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Visualization V14.2 versions ant\u00e9rieures \u00e0 V14.2.0.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Mendix Forgot Password (Mendix 7 compatible) versions ant\u00e9rieures \u00e0 V3.7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "JT Utilities versions ant\u00e9rieures \u00e0 V13.3.0.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Visualization V13.3 versions ant\u00e9rieures \u00e0 V13.3.0.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "OpenPCS 7 V9.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "SIMATIC S7-300 CPU family versions ant\u00e9rieures \u00e0 V3.X.18",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
},
{
"description": "Teamcenter Visualization V14.1 versions ant\u00e9rieures \u00e0 V14.1.0.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Siemens",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2023-28828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28828"
},
{
"name": "CVE-2016-8673",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8673"
},
{
"name": "CVE-2020-35198",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35198"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2023-28766",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28766"
},
{
"name": "CVE-2021-27044",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27044"
},
{
"name": "CVE-2022-1652",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1652"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2023-29053",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29053"
},
{
"name": "CVE-2023-28489",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28489"
},
{
"name": "CVE-2022-43767",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43767"
},
{
"name": "CVE-2022-44725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44725"
},
{
"name": "CVE-2023-29054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29054"
},
{
"name": "CVE-2023-23588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23588"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2016-8672",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8672"
},
{
"name": "CVE-2023-26293",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26293"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2022-43716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43716"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2022-1729",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1729"
},
{
"name": "CVE-2022-43768",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43768"
},
{
"name": "CVE-2023-27464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27464"
},
{
"name": "CVE-2020-28895",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28895"
},
{
"name": "CVE-2023-1709",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1709"
},
{
"name": "CVE-2022-30065",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30065"
}
],
"initial_release_date": "2023-04-11T00:00:00",
"last_revision_date": "2023-04-11T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0298",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-04-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-699404 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-699404.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-479249 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-479249.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-572164 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-572164.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-691715 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-691715.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-511182 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-511182.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-566905 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-642810 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-642810.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-603476 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-603476.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-813746 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-813746.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-629917 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-629917.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-558014 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-558014.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-322980 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-322980.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-116924 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-116924.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-632164 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-632164.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-472454 du 11 avril 2023",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-472454.html"
}
]
}
CVE-2023-28766 (GCVE-0-2023-28766)
Vulnerability from cvelistv5
Published
2023-04-11 09:03
Modified
2024-08-02 13:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-476 - NULL Pointer Dereference
Summary
A vulnerability has been identified in SIPROTEC 5 6MD85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 6MD86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 6MD89 (CP300) (All versions >= V7.80 < V9.64), SIPROTEC 5 6MU85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7KE85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.40), SIPROTEC 5 7SA86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SA87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.40), SIPROTEC 5 7SD86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SD87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SJ81 (CP100) (All versions < V8.89), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ82 (CP100) (All versions < V8.89), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.40), SIPROTEC 5 7SJ85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SJ86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SK82 (CP100) (All versions < V8.89), SIPROTEC 5 7SK82 (CP150) (All versions < V9.40), SIPROTEC 5 7SK85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.40), SIPROTEC 5 7SL86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SL87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SS85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7ST85 (CP300) (All versions >= V7.80 < V9.64), SIPROTEC 5 7ST86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7SX82 (CP150) (All versions < V9.40), SIPROTEC 5 7SX85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UM85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.40), SIPROTEC 5 7UT85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT86 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7UT87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VE85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VK87 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 7VU85 (CP300) (All versions >= V7.80 < V9.40), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V9.40 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V9.40 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.40), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.40). Affected devices lack proper validation of http request parameters of the hosted web service.
An unauthenticated remote attacker could send specially crafted packets that could cause denial of service condition of the target device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | SIPROTEC 5 6MD85 (CP300) |
Version: V7.80 < V9.40 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-322980.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-322980.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 6MD85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 6MD86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 6MD89 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.64",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 6MU85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7KE85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SA82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SA82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SA86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SA87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SD82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SD82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SD86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SD87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ81 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.89",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ81 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.89",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SJ86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SK82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.89",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SK82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SK85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SL82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SL82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SL86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SL87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SS85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7ST85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.64",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7ST86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SX82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7SX85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UM85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT82 (CP100)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT82 (CP150)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT86 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7UT87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7VE85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7VK87 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 7VU85 (CP300)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "V7.80",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 Communication Module ETH-BA-2EL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 Communication Module ETH-BA-2EL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.89",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 Communication Module ETH-BB-2FO",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 Communication Module ETH-BB-2FO",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.89",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 Communication Module ETH-BD-2FO",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPROTEC 5 Compact 7SX800 (CP050)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V9.40",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIPROTEC 5 6MD85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 6MD86 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 6MD89 (CP300) (All versions \u003e= V7.80 \u003c V9.64), SIPROTEC 5 6MU85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7KE85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7SA86 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SA87 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7SD86 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SD87 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SJ81 (CP100) (All versions \u003c V8.89), SIPROTEC 5 7SJ81 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7SJ82 (CP100) (All versions \u003c V8.89), SIPROTEC 5 7SJ82 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7SJ85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SJ86 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SK82 (CP100) (All versions \u003c V8.89), SIPROTEC 5 7SK82 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7SK85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7SL86 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SL87 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SS85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7ST85 (CP300) (All versions \u003e= V7.80 \u003c V9.64), SIPROTEC 5 7ST86 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7SX82 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7SX85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7UM85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions \u003c V9.40), SIPROTEC 5 7UT85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7UT86 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7UT87 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7VE85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7VK87 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 7VU85 (CP300) (All versions \u003e= V7.80 \u003c V9.40), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions \u003c V9.40 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions \u003c V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions \u003c V9.40 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions \u003c V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions \u003c V9.40), SIPROTEC 5 Compact 7SX800 (CP050) (All versions \u003c V9.40). Affected devices lack proper validation of http request parameters of the hosted web service.\r\nAn unauthenticated remote attacker could send specially crafted packets that could cause denial of service condition of the target device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-15T07:23:35.884Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-322980.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-322980.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-28766",
"datePublished": "2023-04-11T09:03:05.547Z",
"dateReserved": "2023-03-23T09:09:31.711Z",
"dateUpdated": "2024-08-02T13:51:38.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23588 (GCVE-0-2023-23588)
Vulnerability from cvelistv5
Published
2023-04-11 09:03
Modified
2024-10-15 17:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
A vulnerability has been identified in SIMATIC IPC1047 (All versions), SIMATIC IPC1047E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows), SIMATIC IPC647D (All versions), SIMATIC IPC647E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows), SIMATIC IPC847D (All versions), SIMATIC IPC847E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows). The Adaptec Maxview application on affected devices is using a non-unique TLS certificate across installations to protect the communication from the local browser to the local application.
A local attacker may use this key to decrypt intercepted local traffic between the browser and the application and could perform a man-in-the-middle attack in order to modify data in transit.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | SIMATIC IPC1047 |
Version: All versions |
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:35:33.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-511182.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23588",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:09:07.958283Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:12:13.841Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC1047",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC1047E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions with maxView Storage Manager \u003c 4.09.00.25611 on Windows"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC647D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC647E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions with maxView Storage Manager \u003c 4.09.00.25611 on Windows"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC847D",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC IPC847E",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions with maxView Storage Manager \u003c 4.09.00.25611 on Windows"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC IPC1047 (All versions), SIMATIC IPC1047E (All versions with maxView Storage Manager \u003c 4.09.00.25611 on Windows), SIMATIC IPC647D (All versions), SIMATIC IPC647E (All versions with maxView Storage Manager \u003c 4.09.00.25611 on Windows), SIMATIC IPC847D (All versions), SIMATIC IPC847E (All versions with maxView Storage Manager \u003c 4.09.00.25611 on Windows). The Adaptec Maxview application on affected devices is using a non-unique TLS certificate across installations to protect the communication from the local browser to the local application.\r\nA local attacker may use this key to decrypt intercepted local traffic between the browser and the application and could perform a man-in-the-middle attack in order to modify data in transit."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T09:03:01.130Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-511182.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-23588",
"datePublished": "2023-04-11T09:03:01.130Z",
"dateReserved": "2023-01-13T14:55:01.563Z",
"dateUpdated": "2024-10-15T17:12:13.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27464 (GCVE-0-2023-27464)
Vulnerability from cvelistv5
Published
2023-04-11 09:03
Modified
2025-02-07 16:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-204 - Observable Response Discrepancy
Summary
A vulnerability has been identified in Mendix Forgot Password (Mendix 7 compatible) (All versions < V3.7.1), Mendix Forgot Password (Mendix 8 compatible) (All versions < V4.1.1), Mendix Forgot Password (Mendix 9 compatible) (All versions < V5.1.1). The affected versions of the module contain an observable response discrepancy issue that could allow an attacker to retrieve sensitive information.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Mendix Forgot Password (Mendix 7 compatible) |
Version: All versions < V3.7.1 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:43.472Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-699404.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27464",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T16:50:31.698147Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T16:50:42.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Mendix Forgot Password (Mendix 7 compatible)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.7.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Mendix Forgot Password (Mendix 8 compatible)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V4.1.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Mendix Forgot Password (Mendix 9 compatible)",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Mendix Forgot Password (Mendix 7 compatible) (All versions \u003c V3.7.1), Mendix Forgot Password (Mendix 8 compatible) (All versions \u003c V4.1.1), Mendix Forgot Password (Mendix 9 compatible) (All versions \u003c V5.1.1). The affected versions of the module contain an observable response discrepancy issue that could allow an attacker to retrieve sensitive information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-204",
"description": "CWE-204: Observable Response Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T09:03:03.269Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-699404.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-27464",
"datePublished": "2023-04-11T09:03:03.269Z",
"dateReserved": "2023-03-01T17:29:31.289Z",
"dateUpdated": "2025-02-07T16:50:42.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28828 (GCVE-0-2023-28828)
Vulnerability from cvelistv5
Published
2023-04-11 09:03
Modified
2025-02-07 16:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Summary
A vulnerability has been identified in Polarion ALM (All versions < V22R2). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Siemens | Polarion ALM |
Version: All versions < V22R2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T13:51:38.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632164.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28828",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T16:49:41.743411Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T16:50:02.207Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Polarion ALM",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V22R2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Polarion ALM (All versions \u003c V22R2). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611: Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-09T11:51:27.662Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-632164.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-28828",
"datePublished": "2023-04-11T09:03:06.681Z",
"dateReserved": "2023-03-24T15:17:29.558Z",
"dateUpdated": "2025-02-07T16:50:02.207Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1709 (GCVE-0-2023-1709)
Vulnerability from cvelistv5
Published
2023-06-07 20:36
Modified
2025-01-06 19:59
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
Datalogics Library APDFLThe v18.0.4PlusP1e and prior contains a stack-based buffer overflow due to documents containing corrupted fonts, which could allow an attack that causes an unhandled crash during the rendering process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT2Go |
Version: 0 < 14.2.0.2 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:57:25.034Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-11"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-629917.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-164-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1709",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-06T19:59:18.928582Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-06T19:59:28.270Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "JT2Go",
"vendor": "Siemens ",
"versions": [
{
"lessThan": "14.2.0.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Teamcenter Visualization",
"vendor": "Siemens ",
"versions": [
{
"lessThan": "13.2.0.13",
"status": "affected",
"version": "13.2",
"versionType": "custom"
},
{
"lessThan": "13.3.0.9",
"status": "affected",
"version": "13.3",
"versionType": "custom"
},
{
"lessThan": "14.0.0.5",
"status": "affected",
"version": "14.0",
"versionType": "custom"
},
{
"lessThan": "14.1.0.7",
"status": "affected",
"version": "14.1",
"versionType": "custom"
},
{
"lessThan": "14.2.0.2",
"status": "affected",
"version": "14.2",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Library APDFL",
"vendor": "Datalogics",
"versions": [
{
"lessThanOrEqual": "v18.0.4PlusP1e",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Michael Heinzl reported this vulnerability to Siemens. "
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nDatalogics Library APDFLThe v18.0.4PlusP1e and prior contains a stack-based buffer overflow due to documents containing corrupted fonts, which could allow an attack that causes an unhandled crash during the rendering process.\n\n \n\n"
}
],
"value": "\nDatalogics Library APDFLThe v18.0.4PlusP1e and prior contains a stack-based buffer overflow due to documents containing corrupted fonts, which could allow an attack that causes an unhandled crash during the rendering process.\n\n \n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-14T20:17:02.964Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-11"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-629917.html"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-164-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cdiv\u003eSiemens has released updates for the affected products and recommends updating to the latest versions:\u003c/div\u003e\u003cul\u003e\u003cli\u003eJT2Go: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html\"\u003eUpdate to V14.2.0.2\u003c/a\u003e or later version\u003c/li\u003e\u003cli\u003eTeamcenter Visualization V13.2: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.sw.siemens.com/\"\u003eUpdate to V13.2.0.13\u003c/a\u003e\u0026nbsp; or later version \u003c/li\u003e\u003cli\u003eTeamcenter Visualization V13.3: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.sw.siemens.com/\"\u003eUpdate to V13.3.0.9\u003c/a\u003e\u0026nbsp; or later version \u003c/li\u003e\u003cli\u003eTeamcenter Visualization V14.0: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.sw.siemens.com/\"\u003eUpdate to V14.0.0.5\u003c/a\u003e\u0026nbsp; or later version \u003c/li\u003e\u003cli\u003eTeamcenter Visualization V14.1: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.sw.siemens.com/\"\u003eUpdate to V14.1.0.7\u003c/a\u003e\u0026nbsp; or later version \u003c/li\u003e\u003cli\u003eTeamcenter Visualization V14.2: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.sw.siemens.com/\"\u003eUpdate to V14.2.0.2\u003c/a\u003e\u0026nbsp; or later version \n\n\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "Siemens has released updates for the affected products and recommends updating to the latest versions:\n\n * JT2Go: Update to V14.2.0.2 https://www.plm.automation.siemens.com/global/en/products/plm-components/jt2go.html or later version\n * Teamcenter Visualization V13.2: Update to V13.2.0.13 https://support.sw.siemens.com/ \u00a0 or later version \n * Teamcenter Visualization V13.3: Update to V13.3.0.9 https://support.sw.siemens.com/ \u00a0 or later version \n * Teamcenter Visualization V14.0: Update to V14.0.0.5 https://support.sw.siemens.com/ \u00a0 or later version \n * Teamcenter Visualization V14.1: Update to V14.1.0.7 https://support.sw.siemens.com/ \u00a0 or later version \n * Teamcenter Visualization V14.2: Update to V14.2.0.2 https://support.sw.siemens.com/ \u00a0 or later version \n\n\n\n\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Datalogics Library APDFL Stack-based Buffer Overflow",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003eSiemens has identified the following specific workarounds and mitigations that users can apply to reduce risks: \u003c/p\u003e\n\u003cul\u003e\u003cli\u003eAvoid opening untrusted files in JT2Go and Teamcenter Visualization \u003c/li\u003e\n\u003c/ul\u003e\u003cp\u003eAs a general security measure, Siemens recommends protecting \nnetwork access to devices with appropriate mechanisms. To operate the \ndevices in a protected IT environment, Siemens recommends configuring \nthe environment according to Siemens\u0027 \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.siemens.com/cert/operational-guidelines-industrial-security\"\u003eoperational guidelines for industrial security\u003c/a\u003e,\n and to follow the recommendations in the product manuals. Additional \ninformation on industrial security by Siemens can be found at the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.siemens.com/industrialsecurity\"\u003eSiemens Industrial Security web page\u003c/a\u003e. \n\u003c/p\u003e\u003cp\u003eFor further inquiries on security vulnerabilities in Siemens products and solutions, users should contact the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.siemens.com/cert/advisories\"\u003eSiemens ProductCERT\u003c/a\u003e.\u003c/p\u003e"
}
],
"value": "Siemens has identified the following specific workarounds and mitigations that users can apply to reduce risks: \n\n\n * Avoid opening untrusted files in JT2Go and Teamcenter Visualization \n\n\n\nAs a general security measure, Siemens recommends protecting \nnetwork access to devices with appropriate mechanisms. To operate the \ndevices in a protected IT environment, Siemens recommends configuring \nthe environment according to Siemens\u0027 operational guidelines for industrial security https://www.siemens.com/cert/operational-guidelines-industrial-security ,\n and to follow the recommendations in the product manuals. Additional \ninformation on industrial security by Siemens can be found at the Siemens Industrial Security web page https://www.siemens.com/industrialsecurity . \n\n\nFor further inquiries on security vulnerabilities in Siemens products and solutions, users should contact the Siemens ProductCERT https://www.siemens.com/cert/advisories .\n\n"
},
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\u003cp\u003eDatalogics recommends users to update to APDFL v18.0.4PlusP1g. \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.datalogics.com/datalogics-contact-us\"\u003eContact Datalogics\u003c/a\u003e\u0026nbsp;for more information on obtaining this update.\u003c/p\u003e\u003cp\u003eFor more information, refer to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://dev.datalogics.com/adobe-pdf-library/release-notes-adobe-pdf-library-v-18/\"\u003eDatalogic\u2019s release notes\u003c/a\u003e.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "Datalogics recommends users to update to APDFL v18.0.4PlusP1g. Contact Datalogics https://www.datalogics.com/datalogics-contact-us \u00a0for more information on obtaining this update.\n\nFor more information, refer to Datalogic\u2019s release notes https://dev.datalogics.com/adobe-pdf-library/release-notes-adobe-pdf-library-v-18/ .\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-1709",
"datePublished": "2023-06-07T20:36:05.055Z",
"dateReserved": "2023-03-29T22:59:38.901Z",
"dateUpdated": "2025-01-06T19:59:28.270Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27044 (GCVE-0-2021-27044)
Vulnerability from cvelistv5
Published
2021-09-15 14:11
Modified
2024-08-03 20:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-Of-Bounds Read Vulnerability
Summary
A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk FBX Review |
Version: 1.5.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:40:46.985Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Autodesk FBX Review",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-Of-Bounds Read Vulnerability ",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-09-15T17:23:14",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@autodesk.com",
"ID": "CVE-2021-27044",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Autodesk FBX Review",
"version": {
"version_data": [
{
"version_value": "1.5.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-Of-Bounds Read Vulnerability "
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001",
"refsource": "MISC",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2021-27044",
"datePublished": "2021-09-15T14:11:00",
"dateReserved": "2021-02-09T00:00:00",
"dateUpdated": "2024-08-03T20:40:46.985Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40674 (GCVE-0-2022-40674)
Vulnerability from cvelistv5
Published
2022-09-14 00:00
Modified
2025-05-30 19:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:21:46.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libexpat/libexpat/pull/629"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/libexpat/libexpat/pull/640"
},
{
"name": "DSA-5236",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5236"
},
{
"name": "[debian-lts-announce] 20220925 [SECURITY] [DLA 3119-1] expat security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html"
},
{
"name": "GLSA-202209-24",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202209-24"
},
{
"name": "FEDORA-2022-15ec504440",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/"
},
{
"name": "FEDORA-2022-c68d90efc3",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20221028-0008/"
},
{
"name": "FEDORA-2022-d93b3bd8b9",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSVZN3IJ6OCPSJL7AEX3ZHSHAHFOGESK/"
},
{
"name": "FEDORA-2022-c22feb71ba",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGBVQQ47URGJAZWHCISHDWF6QBTV2LE/"
},
{
"name": "FEDORA-2022-dcb1d7bcb1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQB6FJAM5YQ35SF5B2MN25Y2FX56EOEZ/"
},
{
"name": "GLSA-202211-06",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202211-06"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-40674",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T19:17:58.194138Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T19:18:52.952Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-22T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/libexpat/libexpat/pull/629"
},
{
"url": "https://github.com/libexpat/libexpat/pull/640"
},
{
"name": "DSA-5236",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5236"
},
{
"name": "[debian-lts-announce] 20220925 [SECURITY] [DLA 3119-1] expat security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html"
},
{
"name": "GLSA-202209-24",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202209-24"
},
{
"name": "FEDORA-2022-15ec504440",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/"
},
{
"name": "FEDORA-2022-c68d90efc3",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221028-0008/"
},
{
"name": "FEDORA-2022-d93b3bd8b9",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSVZN3IJ6OCPSJL7AEX3ZHSHAHFOGESK/"
},
{
"name": "FEDORA-2022-c22feb71ba",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGBVQQ47URGJAZWHCISHDWF6QBTV2LE/"
},
{
"name": "FEDORA-2022-dcb1d7bcb1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQB6FJAM5YQ35SF5B2MN25Y2FX56EOEZ/"
},
{
"name": "GLSA-202211-06",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202211-06"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-40674",
"datePublished": "2022-09-14T00:00:00.000Z",
"dateReserved": "2022-09-14T00:00:00.000Z",
"dateUpdated": "2025-05-30T19:18:52.952Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-28489 (GCVE-0-2023-28489)
Vulnerability from cvelistv5
Published
2023-04-11 09:03
Modified
2025-02-13 16:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). Affected devices are vulnerable to command injection via the web server port 443/tcp, if the parameter “Remote Operation” is enabled. The parameter is disabled by default.
The vulnerability could allow an unauthenticated remote attacker to perform arbitrary code execution on the device.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | CP-8031 MASTER MODULE |
Version: All versions < CPCI85 V05 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:38:25.371Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-472454.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Jul/14"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173370/Siemens-A8000-CP-8050-CP-8031-Code-Execution-Command-Injection.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-28489",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T16:50:18.504791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T16:50:22.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "CP-8031 MASTER MODULE",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c CPCI85 V05"
}
]
},
{
"defaultStatus": "unknown",
"product": "CP-8050 MASTER MODULE",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c CPCI85 V05"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in CP-8031 MASTER MODULE (All versions \u003c CPCI85 V05), CP-8050 MASTER MODULE (All versions \u003c CPCI85 V05). Affected devices are vulnerable to command injection via the web server port 443/tcp, if the parameter \u201cRemote Operation\u201d is enabled. The parameter is disabled by default.\r\nThe vulnerability could allow an unauthenticated remote attacker to perform arbitrary code execution on the device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T17:06:25.587Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-472454.pdf"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/14"
},
{
"url": "http://packetstormsecurity.com/files/173370/Siemens-A8000-CP-8050-CP-8031-Code-Execution-Command-Injection.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-28489",
"datePublished": "2023-04-11T09:03:04.302Z",
"dateReserved": "2023-03-16T10:14:37.883Z",
"dateUpdated": "2025-02-13T16:48:43.223Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8673 (GCVE-0-2016-8673)
Vulnerability from cvelistv5
Published
2016-11-23 11:00
Modified
2024-08-06 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server at port 80/TCP or port 443/TCP of the affected devices could allow remote attackers to perform actions with the permissions of an authenticated user, provided the targeted user has an active session and is induced to trigger the malicious request.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:41.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server at port 80/TCP or port 443/TCP of the affected devices could allow remote attackers to perform actions with the permissions of an authenticated user, provided the targeted user has an active session and is induced to trigger the malicious request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-12T19:08:46",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8673",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server at port 80/TCP or port 443/TCP of the affected devices could allow remote attackers to perform actions with the permissions of an authenticated user, provided the targeted user has an active session and is induced to trigger the malicious request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-8673",
"datePublished": "2016-11-23T11:00:00",
"dateReserved": "2016-10-15T00:00:00",
"dateUpdated": "2024-08-06T02:27:41.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32207 (GCVE-0-2022-32207)
Vulnerability from cvelistv5
Published
2022-07-07 00:00
Modified
2025-04-23 18:04
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-840 - Business Logic Errors ()
Summary
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/curl/curl |
Version: Fixed in 7.84.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:56.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1573634"
},
{
"name": "FEDORA-2022-1b3d7f6973",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/"
},
{
"name": "DSA-5197",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5197"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220915-0003/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213488"
},
{
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"name": "GLSA-202212-01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202212-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-32207",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:31:36.720075Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:04:31.119Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/curl/curl",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 7.84.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When curl \u003c 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-840",
"description": "Business Logic Errors (CWE-840)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-19T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1573634"
},
{
"name": "FEDORA-2022-1b3d7f6973",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/"
},
{
"name": "DSA-5197",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5197"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220915-0003/"
},
{
"url": "https://support.apple.com/kb/HT213488"
},
{
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"name": "GLSA-202212-01",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202212-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-32207",
"datePublished": "2022-07-07T00:00:00.000Z",
"dateReserved": "2022-06-01T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:04:31.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30065 (GCVE-0-2022-30065)
Vulnerability from cvelistv5
Published
2022-05-18 00:00
Modified
2024-08-03 06:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:40:47.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugs.busybox.net/show_bug.cgi?id=14781"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use-after-free in Busybox 1.35-x\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://bugs.busybox.net/show_bug.cgi?id=14781"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-30065",
"datePublished": "2022-05-18T00:00:00",
"dateReserved": "2022-05-02T00:00:00",
"dateUpdated": "2024-08-03T06:40:47.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1729 (GCVE-0-2022-1729)
Vulnerability from cvelistv5
Published
2022-09-01 00:00
Modified
2024-08-03 00:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | linux kernel |
Version: linux kernel 5.18 rc9 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:16:58.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3ac6487e584a1eb54071dbe1212e05b884136704"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2022/05/20/2"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20230214-0006/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "linux kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "linux kernel 5.18 rc9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-366",
"description": "CWE-366",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3ac6487e584a1eb54071dbe1212e05b884136704"
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/05/20/2"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230214-0006/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-1729",
"datePublished": "2022-09-01T00:00:00",
"dateReserved": "2022-05-16T00:00:00",
"dateUpdated": "2024-08-03T00:16:58.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-35252 (GCVE-0-2022-35252)
Vulnerability from cvelistv5
Published
2022-09-23 00:00
Modified
2025-05-05 16:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation ()
Summary
When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings.
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/curl/curl |
Version: Fixed in curl 7.85.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:29:17.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1613943"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220930-0005/"
},
{
"name": "GLSA-202212-01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202212-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213603"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213604"
},
{
"name": "20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Jan/20"
},
{
"name": "20230123 APPLE-SA-2023-01-23-6 macOS Big Sur 11.7.3",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Jan/21"
},
{
"name": "[debian-lts-announce] 20230128 [SECURITY] [DLA 3288-1] curl security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-35252",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:30:42.952225Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:14:44.468Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/curl/curl",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in curl 7.85.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation (CWE-20)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-28T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1613943"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220930-0005/"
},
{
"name": "GLSA-202212-01",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202212-01"
},
{
"url": "https://support.apple.com/kb/HT213603"
},
{
"url": "https://support.apple.com/kb/HT213604"
},
{
"name": "20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2023/Jan/20"
},
{
"name": "20230123 APPLE-SA-2023-01-23-6 macOS Big Sur 11.7.3",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2023/Jan/21"
},
{
"name": "[debian-lts-announce] 20230128 [SECURITY] [DLA 3288-1] curl security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-35252",
"datePublished": "2022-09-23T00:00:00.000Z",
"dateReserved": "2022-07-06T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:14:44.468Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32205 (GCVE-0-2022-32205)
Vulnerability from cvelistv5
Published
2022-07-07 00:00
Modified
2025-05-05 16:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling ()
Summary
A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on `foo.example.com` can set cookies that also would match for `bar.example.com`, making it it possible for a "sister server" to effectively cause a denial of service for a sibling site on the same second level domain using this method.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/curl/curl |
Version: Fixed in 7.84.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:56.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1569946"
},
{
"name": "FEDORA-2022-1b3d7f6973",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/"
},
{
"name": "DSA-5197",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5197"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220915-0003/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213488"
},
{
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
},
{
"name": "GLSA-202212-01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202212-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-32205",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:30:54.715338Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:17:03.151Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/curl/curl",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 7.84.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A malicious server can serve excessive amounts of `Set-Cookie:` headers in a HTTP response to curl and curl \u003c 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven\u0027t expired. Due to cookie matching rules, a server on `foo.example.com` can set cookies that also would match for `bar.example.com`, making it it possible for a \"sister server\" to effectively cause a denial of service for a sibling site on the same second level domain using this method."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources Without Limits or Throttling (CWE-770)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-19T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1569946"
},
{
"name": "FEDORA-2022-1b3d7f6973",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/"
},
{
"name": "DSA-5197",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5197"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220915-0003/"
},
{
"url": "https://support.apple.com/kb/HT213488"
},
{
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
},
{
"name": "GLSA-202212-01",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202212-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-32205",
"datePublished": "2022-07-07T00:00:00.000Z",
"dateReserved": "2022-06-01T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:17:03.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-46828 (GCVE-0-2021-46828)
Vulnerability from cvelistv5
Published
2022-07-20 00:00
Modified
2025-05-05 16:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:17:42.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://git.linux-nfs.org/?p=steved/libtirpc.git%3Ba=commit%3Bh=86529758570cef4c73fb9b9c4104fdc510f701ed"
},
{
"name": "DSA-5200",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5200"
},
{
"name": "[debian-lts-announce] 20220812 [SECURITY] [DLA 3071-1] libtirpc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20221007-0004/"
},
{
"name": "GLSA-202210-33",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202210-33"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-46828",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:27:08.884158Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:44:46.048Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-31T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "http://git.linux-nfs.org/?p=steved/libtirpc.git%3Ba=commit%3Bh=86529758570cef4c73fb9b9c4104fdc510f701ed"
},
{
"name": "DSA-5200",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5200"
},
{
"name": "[debian-lts-announce] 20220812 [SECURITY] [DLA 3071-1] libtirpc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00004.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20221007-0004/"
},
{
"name": "GLSA-202210-33",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202210-33"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-46828",
"datePublished": "2022-07-20T00:00:00.000Z",
"dateReserved": "2022-07-20T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:44:46.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32208 (GCVE-0-2022-32208)
Vulnerability from cvelistv5
Published
2022-07-07 00:00
Modified
2025-05-05 16:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-840 - Business Logic Errors ()
Summary
When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/curl/curl |
Version: Fixed in 7.84.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:55.993Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1590071"
},
{
"name": "FEDORA-2022-1b3d7f6973",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/"
},
{
"name": "DSA-5197",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5197"
},
{
"name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220915-0003/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213488"
},
{
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"name": "GLSA-202212-01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202212-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-32208",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:30:50.533287Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:16:44.842Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/curl/curl",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 7.84.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When curl \u003c 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-840",
"description": "Business Logic Errors (CWE-840)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-19T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1590071"
},
{
"name": "FEDORA-2022-1b3d7f6973",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/"
},
{
"name": "DSA-5197",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5197"
},
{
"name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220915-0003/"
},
{
"url": "https://support.apple.com/kb/HT213488"
},
{
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"name": "GLSA-202212-01",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202212-01"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-32208",
"datePublished": "2022-07-07T00:00:00.000Z",
"dateReserved": "2022-06-01T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:16:44.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-43767 (GCVE-0-2022-43767)
Vulnerability from cvelistv5
Published
2023-04-11 09:02
Modified
2024-09-10 09:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-833 - Deadlock
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | SIMATIC CP 1242-7 V2 |
Version: 0 < V3.4.29 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1542sp-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1542sp-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1542sp-1_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1543sp-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1543sp-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_443-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_443-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_443-1_advanced:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_443-1_advanced",
"vendor": "siemens",
"versions": [
{
"lessThan": "3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_et_200sp_cp_1542sp-1_irc_tx_rail",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_et_200sp_cp_1543sp-1_isec",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_et_200sp_cp_1543sp-1_isec_tx_rail",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_net_cp_1242-7_v2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_net_cp_443-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_net_cp_443-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_net_cp_443-1_advanced:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_net_cp_443-1_advanced",
"vendor": "siemens",
"versions": [
{
"lessThan": "3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_s7-1200_cp_1243-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1242-7_v2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1242-7_v2",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-1_dnp3",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-1_iec:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-1_iec",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-7_lte_eu",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-7_lte_us",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-8_irc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-8_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_s7-1200_cp_1243-1_rail",
"vendor": "siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_tim_1531_irc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_tim_1531_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:tim_1531_irc:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tim_1531_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-43767",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-12T19:11:06.737320Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T20:11:32.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.317Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE US",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1 RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-833",
"description": "CWE-833: Deadlock",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:33:33.351Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-43767",
"datePublished": "2023-04-11T09:02:50.497Z",
"dateReserved": "2022-10-26T11:27:16.347Z",
"dateUpdated": "2024-09-10T09:33:33.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29054 (GCVE-0-2023-29054)
Vulnerability from cvelistv5
Published
2023-04-11 09:03
Modified
2025-02-07 16:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-326 - Inadequate Encryption Strength
Summary
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.2). The SSH server on affected devices is configured to offer weak ciphers by default.
This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data
passed over the connection between legitimate clients and the affected device.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | SCALANCE X200-4P IRT |
Version: All versions < V5.5.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:14.631Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479249.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29054",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T16:49:12.465183Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T16:49:26.184Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SCALANCE X200-4P IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X201-3P IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X201-3P IRT PRO",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X202-2IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X202-2IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X202-2P IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X202-2P IRT PRO",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE X204IRT PRO",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XF201-3P IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XF202-2P IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XF204-2BA IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE XF204IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET SCALANCE X202-2P IRT",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V5.5.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SCALANCE X200-4P IRT (All versions \u003c V5.5.2), SCALANCE X201-3P IRT (All versions \u003c V5.5.2), SCALANCE X201-3P IRT PRO (All versions \u003c V5.5.2), SCALANCE X202-2IRT (All versions \u003c V5.5.2), SCALANCE X202-2IRT (All versions \u003c V5.5.2), SCALANCE X202-2P IRT (All versions \u003c V5.5.2), SCALANCE X202-2P IRT PRO (All versions \u003c V5.5.2), SCALANCE X204IRT (All versions \u003c V5.5.2), SCALANCE X204IRT (All versions \u003c V5.5.2), SCALANCE X204IRT PRO (All versions \u003c V5.5.2), SCALANCE XF201-3P IRT (All versions \u003c V5.5.2), SCALANCE XF202-2P IRT (All versions \u003c V5.5.2), SCALANCE XF204-2BA IRT (All versions \u003c V5.5.2), SCALANCE XF204IRT (All versions \u003c V5.5.2), SIPLUS NET SCALANCE X202-2P IRT (All versions \u003c V5.5.2). The SSH server on affected devices is configured to offer weak ciphers by default.\r\n\r\nThis could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data\r\npassed over the connection between legitimate clients and the affected device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326: Inadequate Encryption Strength",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T09:03:08.813Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479249.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-29054",
"datePublished": "2023-04-11T09:03:08.813Z",
"dateReserved": "2023-03-30T12:04:26.539Z",
"dateUpdated": "2025-02-07T16:49:26.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1652 (GCVE-0-2022-1652)
Vulnerability from cvelistv5
Published
2022-05-31 18:05
Modified
2024-08-03 00:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:10:03.746Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://francozappa.github.io/about-bias/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832397"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://kb.cert.org/vuls/id/647177/"
},
{
"name": "DSA-5173",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220722-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Linux Kernel through 5.17.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-22T18:07:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://francozappa.github.io/about-bias/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832397"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://kb.cert.org/vuls/id/647177/"
},
{
"name": "DSA-5173",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20220722-0002/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-1652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "Linux Kernel through 5.17.5"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://francozappa.github.io/about-bias/",
"refsource": "MISC",
"url": "https://francozappa.github.io/about-bias/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1832397",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832397"
},
{
"name": "https://kb.cert.org/vuls/id/647177/",
"refsource": "MISC",
"url": "https://kb.cert.org/vuls/id/647177/"
},
{
"name": "DSA-5173",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2022/dsa-5173"
},
{
"name": "https://security.netapp.com/advisory/ntap-20220722-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20220722-0002/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-1652",
"datePublished": "2022-05-31T18:05:47",
"dateReserved": "2022-05-10T00:00:00",
"dateUpdated": "2024-08-03T00:10:03.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-43716 (GCVE-0-2022-43716)
Vulnerability from cvelistv5
Published
2023-04-11 09:02
Modified
2024-09-10 09:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | SIMATIC CP 1242-7 V2 |
Version: 0 < V3.4.29 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:siemens:siplus_net_cp_443-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_net_cp_443-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "v3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_443-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_443-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "v3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_443-1_advanced:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_443-1_advanced",
"vendor": "siemens",
"versions": [
{
"lessThan": "v3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1242-7_gprs_v2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1242-7_gprs_v2",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-1",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-1_dnp3:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-1_dnp3",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-1_iec:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-1_iec",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-7_lte_eu:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-7_lte_eu",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-7_lte_us:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-7_lte_us",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1243-8:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1243-8",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1542sp-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1542sp-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1542sp-1_irc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1542sp-1_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:simatic_cp_1543sp-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "simatic_cp_1543sp-1",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_et_200sp_cp_1542sp-1_irc_tx_rail:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_et_200sp_cp_1542sp-1_irc_tx_rail",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_et_200sp_cp_1543sp-1_isec",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_et_200sp_cp_1543sp-1_isec_tx_rail:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_et_200sp_cp_1543sp-1_isec_tx_rail",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_net_cp_443-1_advanced:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_net_cp_443-1_advanced",
"vendor": "siemens",
"versions": [
{
"lessThan": "v3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_net_cp_1242-7_v2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_net_cp_1242-7_v2",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_s7-1200_cp_1243-1",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_s7-1200_cp_1243-1_rail:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_s7-1200_cp_1243-1_rail",
"vendor": "siemens",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_tim_1531_irc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_tim_1531_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:siplus_tim_1531_irc:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "siplus_tim_1531_irc",
"vendor": "siemens",
"versions": [
{
"lessThan": "v2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-43716",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T14:12:55.560896Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T14:35:43.227Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE US",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1 RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected product."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:33:31.854Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-43716",
"datePublished": "2023-04-11T09:02:49.383Z",
"dateReserved": "2022-10-24T05:19:12.272Z",
"dateUpdated": "2024-09-10T09:33:31.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26293 (GCVE-0-2023-26293)
Vulnerability from cvelistv5
Published
2023-04-11 09:03
Modified
2024-11-25 21:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions < V16 Update 7), Totally Integrated Automation Portal (TIA Portal) V17 (All versions < V17 Update 6), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | Totally Integrated Automation Portal (TIA Portal) V15 |
Version: 0 < * |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:46:23.955Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-116924.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26293",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T21:18:47.172683Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T21:18:55.576Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V15",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V16",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V16 Update 7",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V17",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V17 Update 6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Totally Integrated Automation Portal (TIA Portal) V18",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V18 Update 1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Totally Integrated Automation Portal (TIA Portal) V15 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions \u003c V16 Update 7), Totally Integrated Automation Portal (TIA Portal) V17 (All versions \u003c V17 Update 6), Totally Integrated Automation Portal (TIA Portal) V18 (All versions \u003c V18 Update 1). Affected products contain a path traversal vulnerability that could allow the creation or overwrite of arbitrary files in the engineering system. If the user is tricked to open a malicious PC system configuration file, an attacker could exploit this vulnerability to achieve arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T07:50:28.798Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-116924.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-116924.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-26293",
"datePublished": "2023-04-11T09:03:02.235Z",
"dateReserved": "2023-02-21T17:13:44.190Z",
"dateUpdated": "2024-11-25T21:18:55.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-32206 (GCVE-0-2022-32206)
Vulnerability from cvelistv5
Published
2022-07-07 00:00
Modified
2025-05-05 16:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling ()
Summary
curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | https://github.com/curl/curl |
Version: Fixed in 7.84.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:32:56.021Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://hackerone.com/reports/1570651"
},
{
"name": "FEDORA-2022-1b3d7f6973",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/"
},
{
"name": "DSA-5197",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2022/dsa-5197"
},
{
"name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20220915-0003/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213488"
},
{
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
},
{
"name": "GLSA-202212-01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202212-01"
},
{
"name": "[oss-security] 20230215 curl: CVE-2023-23916: HTTP multi-header compression denial of service",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/02/15/3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-32206",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T13:30:52.597184Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-05T16:16:54.022Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "https://github.com/curl/curl",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 7.84.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "curl \u003c 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources Without Limits or Throttling (CWE-770)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-15T00:00:00.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/1570651"
},
{
"name": "FEDORA-2022-1b3d7f6973",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/"
},
{
"name": "DSA-5197",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2022/dsa-5197"
},
{
"name": "[debian-lts-announce] 20220828 [SECURITY] [DLA 3085-1] curl security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
},
{
"url": "https://security.netapp.com/advisory/ntap-20220915-0003/"
},
{
"url": "https://support.apple.com/kb/HT213488"
},
{
"name": "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/41"
},
{
"name": "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Oct/28"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf"
},
{
"name": "GLSA-202212-01",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202212-01"
},
{
"name": "[oss-security] 20230215 curl: CVE-2023-23916: HTTP multi-header compression denial of service",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/02/15/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2022-32206",
"datePublished": "2022-07-07T00:00:00.000Z",
"dateReserved": "2022-06-01T00:00:00.000Z",
"dateUpdated": "2025-05-05T16:16:54.022Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29053 (GCVE-0-2023-29053)
Vulnerability from cvelistv5
Published
2023-04-11 09:03
Modified
2025-02-26 21:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability has been identified in JT Open (All versions < V11.3.2.0), JT Utilities (All versions < V13.3.0.0). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Siemens | JT Open |
Version: All versions < V11.3.2.0 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:14.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-642810.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-29053",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T21:06:30.675103Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T21:06:46.463Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "JT Open",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V11.3.2.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "JT Utilities",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V13.3.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in JT Open (All versions \u003c V11.3.2.0), JT Utilities (All versions \u003c V13.3.0.0). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T09:03:07.730Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-642810.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-29053",
"datePublished": "2023-04-11T09:03:07.730Z",
"dateReserved": "2023-03-30T12:04:26.538Z",
"dateUpdated": "2025-02-26T21:06:46.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8672 (GCVE-0-2016-8672)
Vulnerability from cvelistv5
Published
2016-11-23 11:00
Modified
2024-08-06 02:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions < V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server delivers cookies without the "secure" flag. Modern browsers interpreting the flag would mitigate potential data leakage in case of clear text transmission.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:41.274Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server delivers cookies without the \"secure\" flag. Modern browsers interpreting the flag would mitigate potential data leakage in case of clear text transmission."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-12T19:08:46",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-8672",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.0.53), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variant) (All versions \u003c V3.2.17), SIMATIC S7-300 PN/DP CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP CPU family (incl. SIPLUS variants) (All versions). The integrated web server delivers cookies without the \"secure\" flag. Modern browsers interpreting the flag would mitigate potential data leakage in case of clear text transmission."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf",
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-603476.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-8672",
"datePublished": "2016-11-23T11:00:00",
"dateReserved": "2016-10-15T00:00:00",
"dateUpdated": "2024-08-06T02:27:41.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-35198 (GCVE-0-2020-35198)
Vulnerability from cvelistv5
Published
2021-05-12 10:55
Modified
2024-08-04 17:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T17:02:06.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=security-notices"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-35198"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block\u0027s size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T23:22:42",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support2.windriver.com/index.php?page=security-notices"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-35198"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-35198",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block\u0027s size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support2.windriver.com/index.php?page=security-notices",
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=security-notices"
},
{
"name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-35198",
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-35198"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-35198",
"datePublished": "2021-05-12T10:55:47",
"dateReserved": "2020-12-12T00:00:00",
"dateUpdated": "2024-08-04T17:02:06.842Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-44725 (GCVE-0-2022-44725)
Vulnerability from cvelistv5
Published
2022-11-17 00:00
Modified
2025-04-29 14:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a configuration file. This allows a normal user to create a malicious file that is loaded by LDS (running as a high-privilege user).
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:01:31.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://opcfoundation.org/developer-tools/samples-and-tools-unified-architecture/local-discovery-server-lds/"
},
{
"tags": [
"x_transferred"
],
"url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2022-44725.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-44725",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-29T14:46:37.329040Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-29T14:47:56.883Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a configuration file. This allows a normal user to create a malicious file that is loaded by LDS (running as a high-privilege user)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-17T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://opcfoundation.org/developer-tools/samples-and-tools-unified-architecture/local-discovery-server-lds/"
},
{
"url": "https://files.opcfoundation.org/SecurityBulletins/OPC%20Foundation%20Security%20Bulletin%20CVE-2022-44725.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-44725",
"datePublished": "2022-11-17T00:00:00.000Z",
"dateReserved": "2022-11-04T00:00:00.000Z",
"dateUpdated": "2025-04-29T14:47:56.883Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-43768 (GCVE-0-2022-43768)
Vulnerability from cvelistv5
Published
2023-04-11 09:02
Modified
2025-02-07 16:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions < V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions < V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions < V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions < V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions < V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions < V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Siemens | SIMATIC CP 1242-7 V2 |
Version: 0 < V3.4.29 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.422Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-43768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T16:50:58.868618Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T16:51:07.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE US",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 443-1 Advanced",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1 RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "TIM 1531 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE0) (All versions \u003c V3.3), SIMATIC CP 443-1 (6GK7443-1EX30-0XE1) (All versions \u003c V3.3), SIMATIC CP 443-1 Advanced (6GK7443-1GX30-0XE0) (All versions \u003c V3.3), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0) (All versions \u003c V3.4.29), SIPLUS NET CP 443-1 (6AG1443-1EX30-4XE0) (All versions \u003c V3.3), SIPLUS NET CP 443-1 Advanced (6AG1443-1GX30-4XE0) (All versions \u003c V3.3), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0) (All versions \u003c V3.4.29), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0) (All versions \u003c V3.4.29), SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions \u003c V2.3.6), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions \u003c V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T09:33:34.861Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-566905.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-566905.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-43768",
"datePublished": "2023-04-11T09:02:51.623Z",
"dateReserved": "2022-10-26T11:27:16.347Z",
"dateUpdated": "2025-02-07T16:51:07.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-28895 (GCVE-0-2020-28895)
Vulnerability from cvelistv5
Published
2021-02-03 15:16
Modified
2024-08-04 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:41:00.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=V7LIBC-1327"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-28895"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Reported by Omri Ben Bassat \u003cv-obenbassat@microsoft.com\u003e"
}
],
"datePublic": "2020-12-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block\u0027s size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T23:22:39",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=V7LIBC-1327"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-28895"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "integer overflow in calloc",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-28895",
"STATE": "PUBLIC",
"TITLE": "integer overflow in calloc"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Reported by Omri Ben Bassat \u003cv-obenbassat@microsoft.com\u003e"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block\u0027s size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=V7LIBC-1327",
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=V7LIBC-1327"
},
{
"name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-28895",
"refsource": "MISC",
"url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2020-28895"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-28895",
"datePublished": "2021-02-03T15:16:34",
"dateReserved": "2020-11-17T00:00:00",
"dateUpdated": "2024-08-04T16:41:00.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…