var-202212-1136
Vulnerability from variot
Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data. ruggedcom rm1224 lte(4g) eu firmware, ruggedcom rm1224 lte(4g) nam firmware, scalance m804pb Multiple Siemens products, including firmware, contain a vulnerability related to improper validation of quantities specified in input.Information may be obtained. SCALANCE M-800, MUM-800 and S615 as well as RUGGEDCOM RM1224 are industrial routers.
The Siemens SCALANCE M-800/S615 series has an information disclosure vulnerability due to the affected device not properly checking the TFTP block size
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202212-1136",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scalance m876-4",
"scope": "lt",
"trust": 1.8,
"vendor": "siemens",
"version": "v8.0"
},
{
"model": "scalance m812-1 adsl-router",
"scope": "lt",
"trust": 1.2,
"vendor": "siemens",
"version": "v8.0"
},
{
"model": "scalance m816-1 adsl-router",
"scope": "lt",
"trust": 1.2,
"vendor": "siemens",
"version": "v8.0"
},
{
"model": "scalance m876-3",
"scope": "lt",
"trust": 1.2,
"vendor": "siemens",
"version": "v8.0"
},
{
"model": "scalance mum856-1",
"scope": "lt",
"trust": 1.2,
"vendor": "siemens",
"version": "v8.0"
},
{
"model": "scalance w778-1 m12 eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w788-2 m12",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance m812-1 adsl-router",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance xc206-2g poe eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance sc636-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3"
},
{
"model": "scalance xp208eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w1788-2 eec m12",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w788-1 m12",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xb213-3ld",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w761-1 rj45",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w774-1 m12 eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w1788-2ia m12",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xf204-2ba",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc208 eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xp216poe eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc224",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc216-4c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance mum853-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance w786-2 sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xp216eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "siplus net scalance xc208",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "ruggedcom rm1224 lte\\ eu",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance xr326-2c poe",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xb213-3",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w721-1 rj45",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance xc206-2sfp eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "siplus net scalance xc216-4c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance wam766-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w1788-2 m12",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xp208",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xr328-4c wg",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xb205-3",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w788-1 rj45",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc224-4c g eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc216",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance m816-1 adsl-router",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance s615 eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance m804pb",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance xr524-8c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "siplus net scalance xc206-2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc206-2g poe",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance sc622-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3"
},
{
"model": "ruggedcom rm1224 lte\\ nam",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance w786-2ia rj45",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc216eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance wum763-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance wum766-1 6ghz",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc216-4c g",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance m876-4",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance xf204 dna",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance wam766-1 6ghz",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance m826-2 shdsl-router",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance xm416-4c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w738-1 m12",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance w1788-1 m12",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xp208poe eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc208 poe",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xr526-8c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc206-2sfp g eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance wam766-1 ecc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w748-1 m12",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance xc224-4c g",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w774-1 rj45",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xr552-12m",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance s615",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance w722-1 rj45",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance xm408-4c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc206-2sfp g",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w774-1 m12 rj45",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance sc632-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3"
},
{
"model": "scalance w734-1 rj45",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance sc646-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3"
},
{
"model": "scalance m874-3",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance sc626-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3"
},
{
"model": "scalance xc216-3g poe",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w786-2 rj45",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xr528-6m",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w1748-1 m12",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w786-1 rj45",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xm408-8c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance m874-2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance wam763-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w778-1 m12",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance wum766-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc206-2sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc208",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xp216",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance sc642-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3"
},
{
"model": "scalance xb216",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc216-4c g eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xr324wg",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xc206-2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xr326-2c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "siplus net scalance xc206-2sfp",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance w788-2 m12 eec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance mum856-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance m876-3",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance xb208",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xf204",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xb205-3ld",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance xf204-2bca dna",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance s615 eec",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance m812-1 adsl-router",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance m876-4",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance s615",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "ruggedcom rm1224 lte eu",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance sc-622-2c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance sc-636-2c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "ruggedcom rm1224 lte nam",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance m816-1 adsl-router",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance mum856-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance m876-3",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance sc626-2c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance m874-3",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance sc-642-2c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance mum853-1",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance m826-2 shdsl-router",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance m804pb",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance sc-646-2c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance sc-632-2c",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "scalance m874-2",
"scope": null,
"trust": 0.8,
"vendor": "\u30b7\u30fc\u30e1\u30f3\u30b9",
"version": null
},
{
"model": "ruggedcom rm1224 lte eu",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v8.0"
},
{
"model": "ruggedcom rm1224 lte nam",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v8.0"
},
{
"model": "scalance m804pb",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v8.0"
},
{
"model": "scalance m826-2 shdsl-router",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v8.0"
},
{
"model": "scalance m874-2",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v8.0"
},
{
"model": "scalance m874-3",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v8.0"
},
{
"model": "scalance mum853-1",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v8.0"
},
{
"model": "scalance s615",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v8.0"
},
{
"model": "scalance s615 eec",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "v8.0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97251"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-023553"
},
{
"db": "NVD",
"id": "CVE-2022-46143"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens reported these vulnerabilities to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-3089"
}
],
"trust": 0.6
},
"cve": "CVE-2022-46143",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "MULTIPLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.4,
"id": "CNVD-2023-97251",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "productcert@siemens.com",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 1.2,
"id": "CVE-2022-46143",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 2.7,
"baseSeverity": "Low",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "JVNDB-2022-023553",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "productcert@siemens.com",
"id": "CVE-2022-46143",
"trust": 1.0,
"value": "LOW"
},
{
"author": "nvd@nist.gov",
"id": "CVE-2022-46143",
"trust": 1.0,
"value": "LOW"
},
{
"author": "OTHER",
"id": "JVNDB-2022-023553",
"trust": 0.8,
"value": "Low"
},
{
"author": "CNVD",
"id": "CNVD-2023-97251",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202212-3089",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97251"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-023553"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3089"
},
{
"db": "NVD",
"id": "CVE-2022-46143"
},
{
"db": "NVD",
"id": "CVE-2022-46143"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data. ruggedcom rm1224 lte(4g) eu firmware, ruggedcom rm1224 lte(4g) nam firmware, scalance m804pb Multiple Siemens products, including firmware, contain a vulnerability related to improper validation of quantities specified in input.Information may be obtained. SCALANCE M-800, MUM-800 and S615 as well as RUGGEDCOM RM1224 are industrial routers. \n\r\n\r\nThe Siemens SCALANCE M-800/S615 series has an information disclosure vulnerability due to the affected device not properly checking the TFTP block size",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-46143"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-023553"
},
{
"db": "CNVD",
"id": "CNVD-2023-97251"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-46143",
"trust": 3.8
},
{
"db": "SIEMENS",
"id": "SSA-413565",
"trust": 2.4
},
{
"db": "SIEMENS",
"id": "SSA-180704",
"trust": 1.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-04",
"trust": 1.4
},
{
"db": "JVN",
"id": "JVNVU91561630",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2022-023553",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2023-97251",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3089",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97251"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-023553"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3089"
},
{
"db": "NVD",
"id": "CVE-2022-46143"
}
]
},
"id": "VAR-202212-1136",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97251"
}
],
"trust": 1.2398166874999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97251"
}
]
},
"last_update_date": "2024-08-14T12:11:36.523000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Siemens SCALANCE M-800/S615 series information leakage vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/500346"
},
{
"title": "Siemens part of the product Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=218338"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97251"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3089"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-1284",
"trust": 1.0
},
{
"problemtype": "Improper validation of quantity specified in input (CWE-1284) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-023553"
},
{
"db": "NVD",
"id": "CVE-2022-46143"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
},
{
"trust": 1.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-180704.html"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-413565.html"
},
{
"trust": 1.0,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180704.pdf"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu91561630/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-46143"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-349-04"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-349-04"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-46143/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2023-97251"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-023553"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3089"
},
{
"db": "NVD",
"id": "CVE-2022-46143"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2023-97251"
},
{
"db": "JVNDB",
"id": "JVNDB-2022-023553"
},
{
"db": "CNNVD",
"id": "CNNVD-202212-3089"
},
{
"db": "NVD",
"id": "CVE-2022-46143"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-97251"
},
{
"date": "2023-11-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2022-023553"
},
{
"date": "2022-12-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-3089"
},
{
"date": "2022-12-13T16:15:25.137000",
"db": "NVD",
"id": "CVE-2022-46143"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-12-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2023-97251"
},
{
"date": "2023-11-29T03:03:00",
"db": "JVNDB",
"id": "JVNDB-2022-023553"
},
{
"date": "2022-12-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202212-3089"
},
{
"date": "2024-08-13T08:15:05.483000",
"db": "NVD",
"id": "CVE-2022-46143"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-3089"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability in multiple Siemens products related to improper validation of quantities specified in inputs",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2022-023553"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202212-3089"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.