All the vulnerabilites related to Siemens - SIPLUS NET CP 1543-1
var-202207-0621
Vulnerability from variot
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions < V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions < V7.2), SCALANCE M804PB (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions < V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions < V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions < V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions < V7.2), SCALANCE M826-2 SHDSL-Router (All versions < V7.2), SCALANCE M874-2 (All versions < V7.2), SCALANCE M874-3 (All versions < V7.2), SCALANCE M876-3 (EVDO) (All versions < V7.2), SCALANCE M876-3 (ROK) (All versions < V7.2), SCALANCE M876-4 (All versions < V7.2), SCALANCE M876-4 (EU) (All versions < V7.2), SCALANCE M876-4 (NAM) (All versions < V7.2), SCALANCE MUM853-1 (EU) (All versions < V7.2), SCALANCE MUM856-1 (EU) (All versions < V7.2), SCALANCE MUM856-1 (RoW) (All versions < V7.2), SCALANCE S615 (All versions < V7.2), SCALANCE S615 EEC (All versions < V7.2), SCALANCE SC622-2C (All versions < V2.3), SCALANCE SC622-2C (All versions >= V2.3 < V3.0), SCALANCE SC626-2C (All versions < V2.3), SCALANCE SC626-2C (All versions >= V2.3 < V3.0), SCALANCE SC632-2C (All versions < V2.3), SCALANCE SC632-2C (All versions >= V2.3 < V3.0), SCALANCE SC636-2C (All versions < V2.3), SCALANCE SC636-2C (All versions >= V2.3 < V3.0), SCALANCE SC642-2C (All versions < V2.3), SCALANCE SC642-2C (All versions >= V2.3 < V3.0), SCALANCE SC646-2C (All versions < V2.3), SCALANCE SC646-2C (All versions >= V2.3 < V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges. The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect the SIMATIC S7-1200 controllers to a wide area network (WAN). They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or ST7 master via the SINAUT ST7 telecontrol protocol. The SIMATIC CP 1543-1 communications processor connects the SIMATIC S7-1500 controller to Ethernet. They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1543SP-1, CP 1542SP-1 and CP 1542SP-1 IRC communication processors connect the SIMATIC ET 200SP controllers to Ethernet. The SIMATIC CP 1543SP-1 and CP 1542SP-1 IRC communication processors also offer integrated security functions such as firewalls, virtual private networks (VPN) or support for other data encryption protocols. SIPLUSextreme products are designed for reliable operation under extreme conditions and are based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware on which they are based
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202207-0621",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic cp 1542sp-1 irc",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "simatic cp 1543sp-1",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "simatic cp 1243-7 lte eu",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus s7-1200 cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.22"
},
{
"model": "siplus net cp 1242-7 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-7 lte us",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1242-7 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus net cp 1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.22"
},
{
"model": "simatic cp 1243-8 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1242-7v2"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp lte eu",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-7"
},
{
"model": "simatic cp lte us",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-7"
},
{
"model": "simatic cp irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-8"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1543-1\u003c3.0.22"
},
{
"model": "siplus net cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1242-7v2"
},
{
"model": "siplus net cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1543-1\u003c3.0.22"
},
{
"model": "siplus s7-1200 cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "siplus s7-1200 cp rail",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens reported these vulnerabilities to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
}
],
"trust": 0.6
},
"cve": "CVE-2022-34821",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2022-34821",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.2,
"id": "CNVD-2022-51634",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2022-34821",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT",
"author": "productcert@siemens.com",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.0,
"id": "CVE-2022-34821",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-34821",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "productcert@siemens.com",
"id": "CVE-2022-34821",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2022-51634",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202207-902",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-34821",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"db": "VULMON",
"id": "CVE-2022-34821"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
},
{
"db": "NVD",
"id": "CVE-2022-34821"
},
{
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (All versions \u003c V7.2), RUGGEDCOM RM1224 LTE(4G) NAM (All versions \u003c V7.2), SCALANCE M804PB (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M812-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex A) (All versions \u003c V7.2), SCALANCE M816-1 ADSL-Router (Annex B) (All versions \u003c V7.2), SCALANCE M826-2 SHDSL-Router (All versions \u003c V7.2), SCALANCE M874-2 (All versions \u003c V7.2), SCALANCE M874-3 (All versions \u003c V7.2), SCALANCE M876-3 (EVDO) (All versions \u003c V7.2), SCALANCE M876-3 (ROK) (All versions \u003c V7.2), SCALANCE M876-4 (All versions \u003c V7.2), SCALANCE M876-4 (EU) (All versions \u003c V7.2), SCALANCE M876-4 (NAM) (All versions \u003c V7.2), SCALANCE MUM853-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (EU) (All versions \u003c V7.2), SCALANCE MUM856-1 (RoW) (All versions \u003c V7.2), SCALANCE S615 (All versions \u003c V7.2), SCALANCE S615 EEC (All versions \u003c V7.2), SCALANCE SC622-2C (All versions \u003c V2.3), SCALANCE SC622-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC626-2C (All versions \u003c V2.3), SCALANCE SC626-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC632-2C (All versions \u003c V2.3), SCALANCE SC632-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC636-2C (All versions \u003c V2.3), SCALANCE SC636-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC642-2C (All versions \u003c V2.3), SCALANCE SC642-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE SC646-2C (All versions \u003c V2.3), SCALANCE SC646-2C (All versions \u003e= V2.3 \u003c V3.0), SCALANCE WAM763-1 (All versions), SCALANCE WAM766-1 (EU) (All versions), SCALANCE WAM766-1 (US) (All versions), SCALANCE WAM766-1 EEC (EU) (All versions), SCALANCE WAM766-1 EEC (US) (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM763-1 (All versions), SCALANCE WUM766-1 (EU) (All versions), SCALANCE WUM766-1 (US) (All versions), SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges. The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect the SIMATIC S7-1200 controllers to a wide area network (WAN). They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or ST7 master via the SINAUT ST7 telecontrol protocol. The SIMATIC CP 1543-1 communications processor connects the SIMATIC S7-1500 controller to Ethernet. They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1543SP-1, CP 1542SP-1 and CP 1542SP-1 IRC communication processors connect the SIMATIC ET 200SP controllers to Ethernet. The SIMATIC CP 1543SP-1 and CP 1542SP-1 IRC communication processors also offer integrated security functions such as firewalls, virtual private networks (VPN) or support for other data encryption protocols. SIPLUSextreme products are designed for reliable operation under extreme conditions and are based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware on which they are based",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-34821"
},
{
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"db": "VULMON",
"id": "CVE-2022-34821"
}
],
"trust": 1.53
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-34821",
"trust": 2.3
},
{
"db": "SIEMENS",
"id": "SSA-517377",
"trust": 2.3
},
{
"db": "SIEMENS",
"id": "SSA-413565",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-22-195-12",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2022-51634",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-349-04",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022071333",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202207-902",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-34821",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"db": "VULMON",
"id": "CVE-2022-34821"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
},
{
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"id": "VAR-202207-0621",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
}
],
"trust": 1.3950221799999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
}
]
},
"last_update_date": "2024-08-14T12:05:42.870000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Siemens SIMATIC CP SRCS VPN Feature Code Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/339696"
},
{
"title": "Siemens SIMATIC Fixes for code injection vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=228948"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-94",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-517377.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022071333"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-349-04"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/siemens-simatic-cp-three-vulnerabilities-via-srcs-vpn-38784"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-34821/"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-195-12"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/94.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-195-12"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"db": "VULMON",
"id": "CVE-2022-34821"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
},
{
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"db": "VULMON",
"id": "CVE-2022-34821"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
},
{
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"date": "2022-07-12T00:00:00",
"db": "VULMON",
"id": "CVE-2022-34821"
},
{
"date": "2022-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-902"
},
{
"date": "2022-07-12T10:15:12.393000",
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-51634"
},
{
"date": "2023-10-10T00:00:00",
"db": "VULMON",
"id": "CVE-2022-34821"
},
{
"date": "2023-03-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-902"
},
{
"date": "2023-10-10T11:15:10.703000",
"db": "NVD",
"id": "CVE-2022-34821"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC CP SRCS VPN Feature Code Injection Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51634"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-902"
}
],
"trust": 0.6
}
}
var-202110-1670
Vulnerability from variot
The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility. strongSwan Exists in an integer overflow vulnerability.Denial of service (DoS) It may be put into a state. ========================================================================== Ubuntu Security Notice USN-5111-1 October 19, 2021
strongswan vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.10
- Ubuntu 21.04
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in strongSwan.
Software Description: - strongswan: IPsec VPN solution
Details:
It was discovered that strongSwan incorrectly handled certain RSASSA-PSS signatures. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. (CVE-2021-41990)
It was discovered that strongSwan incorrectly handled replacing certificates in the cache. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-41991)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.10: libstrongswan 5.9.1-1ubuntu3.1 strongswan 5.9.1-1ubuntu3.1
Ubuntu 21.04: libstrongswan 5.9.1-1ubuntu1.2 strongswan 5.9.1-1ubuntu1.2
Ubuntu 20.04 LTS: libstrongswan 5.8.2-1ubuntu3.3 strongswan 5.8.2-1ubuntu3.3
Ubuntu 18.04 LTS: libstrongswan 5.6.2-1ubuntu2.7 strongswan 5.6.2-1ubuntu2.7
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5111-1 CVE-2021-41990, CVE-2021-41991
Package Information: https://launchpad.net/ubuntu/+source/strongswan/5.9.1-1ubuntu3.1 https://launchpad.net/ubuntu/+source/strongswan/5.9.1-1ubuntu1.2 https://launchpad.net/ubuntu/+source/strongswan/5.8.2-1ubuntu3.3 https://launchpad.net/ubuntu/+source/strongswan/5.6.2-1ubuntu2.7 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-4989-1 security@debian.org https://www.debian.org/security/ Yves-Alexis Perez October 18, 2021 https://www.debian.org/security/faq
Package : strongswan CVE ID : CVE-2021-41990 CVE-2021-41991
Researchers at the United States of America National Security Agency (NSA) identified two denial of services vulnerability in strongSwan, an IKE/IPsec suite.
CVE-2021-41990
RSASSA-PSS signatures whose parameters define a very high salt length can
trigger an integer overflow that can lead to a segmentation fault.
Generating a signature that bypasses the padding check to trigger the crash
requires access to the private key that signed the certificate. However,
the certificate does not have to be trusted. Because the gmp and the
openssl plugins both check if a parsed certificate is self-signed (and the
signature is valid), this can e.g. be triggered by an unrelated
self-signed CA certificate sent by an initiator. Depending on the generated random value, this could
lead to an integer overflow that results in a double-dereference and a call
using out-of-bounds memory that most likely leads to a segmentation fault.
Remote code execution can't be ruled out completely, but attackers have no
control over the dereferenced memory, so it seems unlikely at this point.
For the oldstable distribution (buster), these problems have been fixed in version 5.7.2-1+deb10u1.
For the stable distribution (bullseye), these problems have been fixed in version 5.9.1-1+deb11u1.
We recommend that you upgrade your strongswan packages.
For the detailed security status of strongswan please refer to its security tracker page at: https://security-tracker.debian.org/tracker/strongswan
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAmFtyAUACgkQ3rYcyPpX RFudiwf+NNcRRRJychLI5ycMKVxkr2tEAJDeVZjv966YBM1tXnCtROydXf5Zip2M dn/EYO71uuT5FKhs8tJyx5iv2bFcrvyqQQo6DFQvXZHR0+9U+MHcR9qB7JJDM4nK +JXOEmAv3akCFhiP6jMx5B6jRWR1e4MOwxmgrgGu/nwy2cYBQPI43qPTrXi3Fcnv eSgeyLqyZNLmaGmj8jQfTnc8bdVF5xAs6mHhVqNJxQCdouG9b4/S6AxJsl3IMxyF WZhtCNUvhHH8wz0lZVElR3Qs6fUu0phKdlT9kBv/o6fP3ceiYOCEh8SqBgYU3hQL xyB0uP4EcSR70TvKZMB2jV/tGG1A8w== =/Xvi -----END PGP SIGNATURE----- . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202405-08
https://security.gentoo.org/
Severity: Normal Title: strongSwan: Multiple Vulnerabilities Date: May 04, 2024 Bugs: #818841, #832460, #878887, #899964 ID: 202405-08
Synopsis
Multiple vulnerabilities have been discovered in strongSwan, the worst of which could possibly lead to remote code execution.
Background
strongSwan is an IPSec implementation for Linux.
Affected packages
Package Vulnerable Unaffected
net-vpn/strongswan < 5.9.10 >= 5.9.10
Description
Multiple vulnerabilities have been discovered in strongSwan. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All strongSwan users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-vpn/strongswan-5.9.10"
References
[ 1 ] CVE-2021-41991 https://nvd.nist.gov/vuln/detail/CVE-2021-41991 [ 2 ] CVE-2021-45079 https://nvd.nist.gov/vuln/detail/CVE-2021-45079 [ 3 ] CVE-2022-40617 https://nvd.nist.gov/vuln/detail/CVE-2022-40617 [ 4 ] CVE-2023-26463 https://nvd.nist.gov/vuln/detail/CVE-2023-26463
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/202405-08
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202110-1670",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scalance sc632-2c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "siplus s7-1200 cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance sc642-2c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "strongswan",
"scope": "lt",
"trust": 1.0,
"vendor": "strongswan",
"version": "5.9.4"
},
{
"model": "simatic net cp 1545-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp 1542sp-1 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "strongswan",
"scope": "gte",
"trust": 1.0,
"vendor": "strongswan",
"version": "4.2.10"
},
{
"model": "simatic cp 1242-7 gprs v2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance sc636-2c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic net cp1243-7 lte eu",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "scalance sc622-2c",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "sinema remote connect server",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "33"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "cp 1543-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp 1543sp-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "simatic cp 1243-7 lte\\/us",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "simatic cp 1542sp-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic net cp 1243-8 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "scalance sc646-2c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.3"
},
{
"model": "siplus net cp 1543-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "strongswan",
"scope": null,
"trust": 0.8,
"vendor": "strongswan",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007493"
},
{
"db": "NVD",
"id": "CVE-2021-41991"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "164558"
},
{
"db": "PACKETSTORM",
"id": "164554"
}
],
"trust": 0.2
},
"cve": "CVE-2021-41991",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2021-41991",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-403107",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2021-41991",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2021-41991",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-41991",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2021-41991",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202110-1214",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-403107",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-41991",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-403107"
},
{
"db": "VULMON",
"id": "CVE-2021-41991"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007493"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1214"
},
{
"db": "NVD",
"id": "CVE-2021-41991"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache entry by means of a random number generator, but this is not done correctly. Remote code execution might be a slight possibility. strongSwan Exists in an integer overflow vulnerability.Denial of service (DoS) It may be put into a state. ==========================================================================\nUbuntu Security Notice USN-5111-1\nOctober 19, 2021\n\nstrongswan vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 21.10\n- Ubuntu 21.04\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in strongSwan. \n\nSoftware Description:\n- strongswan: IPsec VPN solution\n\nDetails:\n\nIt was discovered that strongSwan incorrectly handled certain RSASSA-PSS\nsignatures. A remote attacker could use this issue to cause strongSwan to\ncrash, resulting in a denial of service. (CVE-2021-41990)\n\nIt was discovered that strongSwan incorrectly handled replacing\ncertificates in the cache. A remote attacker could use this issue to cause\nstrongSwan to crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2021-41991)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 21.10:\n libstrongswan 5.9.1-1ubuntu3.1\n strongswan 5.9.1-1ubuntu3.1\n\nUbuntu 21.04:\n libstrongswan 5.9.1-1ubuntu1.2\n strongswan 5.9.1-1ubuntu1.2\n\nUbuntu 20.04 LTS:\n libstrongswan 5.8.2-1ubuntu3.3\n strongswan 5.8.2-1ubuntu3.3\n\nUbuntu 18.04 LTS:\n libstrongswan 5.6.2-1ubuntu2.7\n strongswan 5.6.2-1ubuntu2.7\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n https://ubuntu.com/security/notices/USN-5111-1\n CVE-2021-41990, CVE-2021-41991\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/strongswan/5.9.1-1ubuntu3.1\n https://launchpad.net/ubuntu/+source/strongswan/5.9.1-1ubuntu1.2\n https://launchpad.net/ubuntu/+source/strongswan/5.8.2-1ubuntu3.3\n https://launchpad.net/ubuntu/+source/strongswan/5.6.2-1ubuntu2.7\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4989-1 security@debian.org\nhttps://www.debian.org/security/ Yves-Alexis Perez\nOctober 18, 2021 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : strongswan\nCVE ID : CVE-2021-41990 CVE-2021-41991\n\nResearchers at the United States of America National Security Agency (NSA)\nidentified two denial of services vulnerability in strongSwan, an IKE/IPsec\nsuite. \n\nCVE-2021-41990\n\n RSASSA-PSS signatures whose parameters define a very high salt length can\n trigger an integer overflow that can lead to a segmentation fault. \n Generating a signature that bypasses the padding check to trigger the crash\n requires access to the private key that signed the certificate. However,\n the certificate does not have to be trusted. Because the gmp and the\n openssl plugins both check if a parsed certificate is self-signed (and the\n signature is valid), this can e.g. be triggered by an unrelated\n self-signed CA certificate sent by an initiator. Depending on the generated random value, this could\n lead to an integer overflow that results in a double-dereference and a call\n using out-of-bounds memory that most likely leads to a segmentation fault. \n Remote code execution can\u0027t be ruled out completely, but attackers have no\n control over the dereferenced memory, so it seems unlikely at this point. \n\nFor the oldstable distribution (buster), these problems have been fixed\nin version 5.7.2-1+deb10u1. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 5.9.1-1+deb11u1. \n\nWe recommend that you upgrade your strongswan packages. \n\nFor the detailed security status of strongswan please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/strongswan\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQEzBAEBCgAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAmFtyAUACgkQ3rYcyPpX\nRFudiwf+NNcRRRJychLI5ycMKVxkr2tEAJDeVZjv966YBM1tXnCtROydXf5Zip2M\ndn/EYO71uuT5FKhs8tJyx5iv2bFcrvyqQQo6DFQvXZHR0+9U+MHcR9qB7JJDM4nK\n+JXOEmAv3akCFhiP6jMx5B6jRWR1e4MOwxmgrgGu/nwy2cYBQPI43qPTrXi3Fcnv\neSgeyLqyZNLmaGmj8jQfTnc8bdVF5xAs6mHhVqNJxQCdouG9b4/S6AxJsl3IMxyF\nWZhtCNUvhHH8wz0lZVElR3Qs6fUu0phKdlT9kBv/o6fP3ceiYOCEh8SqBgYU3hQL\nxyB0uP4EcSR70TvKZMB2jV/tGG1A8w==\n=/Xvi\n-----END PGP SIGNATURE-----\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 202405-08\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: strongSwan: Multiple Vulnerabilities\n Date: May 04, 2024\n Bugs: #818841, #832460, #878887, #899964\n ID: 202405-08\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n=======\nMultiple vulnerabilities have been discovered in strongSwan, the worst\nof which could possibly lead to remote code execution. \n\nBackground\n=========\nstrongSwan is an IPSec implementation for Linux. \n\nAffected packages\n================\nPackage Vulnerable Unaffected\n------------------ ------------ ------------\nnet-vpn/strongswan \u003c 5.9.10 \u003e= 5.9.10\n\nDescription\n==========\nMultiple vulnerabilities have been discovered in strongSwan. Please\nreview the CVE identifiers referenced below for details. \n\nImpact\n=====\nPlease review the referenced CVE identifiers for details. \n\nWorkaround\n=========\nThere is no known workaround at this time. \n\nResolution\n=========\nAll strongSwan users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-vpn/strongswan-5.9.10\"\n\nReferences\n=========\n[ 1 ] CVE-2021-41991\n https://nvd.nist.gov/vuln/detail/CVE-2021-41991\n[ 2 ] CVE-2021-45079\n https://nvd.nist.gov/vuln/detail/CVE-2021-45079\n[ 3 ] CVE-2022-40617\n https://nvd.nist.gov/vuln/detail/CVE-2022-40617\n[ 4 ] CVE-2023-26463\n https://nvd.nist.gov/vuln/detail/CVE-2023-26463\n\nAvailability\n===========\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/202405-08\n\nConcerns?\n========\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n======\nCopyright 2024 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttps://creativecommons.org/licenses/by-sa/2.5\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-41991"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007493"
},
{
"db": "VULHUB",
"id": "VHN-403107"
},
{
"db": "VULMON",
"id": "CVE-2021-41991"
},
{
"db": "PACKETSTORM",
"id": "164558"
},
{
"db": "PACKETSTORM",
"id": "164554"
},
{
"db": "PACKETSTORM",
"id": "169143"
},
{
"db": "PACKETSTORM",
"id": "178454"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-41991",
"trust": 3.8
},
{
"db": "SIEMENS",
"id": "SSA-539476",
"trust": 1.7
},
{
"db": "JVN",
"id": "JVNVU98748974",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007493",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "164558",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "164554",
"trust": 0.7
},
{
"db": "CS-HELP",
"id": "SB2021101947",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3463",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3488",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1214",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-403107",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-41991",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "169143",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "178454",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-403107"
},
{
"db": "VULMON",
"id": "CVE-2021-41991"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007493"
},
{
"db": "PACKETSTORM",
"id": "164558"
},
{
"db": "PACKETSTORM",
"id": "164554"
},
{
"db": "PACKETSTORM",
"id": "169143"
},
{
"db": "PACKETSTORM",
"id": "178454"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1214"
},
{
"db": "NVD",
"id": "CVE-2021-41991"
}
]
},
"id": "VAR-202110-1670",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-403107"
}
],
"trust": 0.7521640566666667
},
"last_update_date": "2024-08-14T12:28:52.012000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "strongSwan\u00a0Vulnerability\u00a0(CVE-2021-41991)",
"trust": 0.8,
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00014.html"
},
{
"title": "strongSwan Enter the fix for the verification error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=166640"
},
{
"title": "Debian Security Advisories: DSA-4989-1 strongswan -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=35fdad388753f5d88f528a33acdb09b3"
},
{
"title": "Red Hat: CVE-2021-41991",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2021-41991"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2021-41991 log"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-41991"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007493"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1214"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.1
},
{
"problemtype": "Integer overflow or wraparound (CWE-190) [NVD Evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-403107"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007493"
},
{
"db": "NVD",
"id": "CVE-2021-41991"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://www.debian.org/security/2021/dsa-4989"
},
{
"trust": 1.8,
"url": "https://github.com/strongswan/strongswan/releases/tag/5.9.4"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00014.html"
},
{
"trust": 1.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-41991"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-539476.pdf"
},
{
"trust": 1.1,
"url": "https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-%28cve-2021-41991%29.html"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5fjsatd2r2xhtg4p63gcmq2n7ewkmme5/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/wqsq3bec22nf4ncdzvct4p3q2ziajxgj/"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/y3tq32jljobjdb2ejksx2pbpb5nfg2d4/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98748974/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5fjsatd2r2xhtg4p63gcmq2n7ewkmme5/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/y3tq32jljobjdb2ejksx2pbpb5nfg2d4/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/wqsq3bec22nf4ncdzvct4p3q2ziajxgj/"
},
{
"trust": 0.7,
"url": "https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-(cve-2021-41991).html"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/cve/cve-2021-41991"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/strongswan-integer-overflow-via-in-memory-certificate-cache-36667"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3463"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164558/ubuntu-security-notice-usn-5111-2.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021101947"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3488"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164554/ubuntu-security-notice-usn-5111-1.html"
},
{
"trust": 0.2,
"url": "https://ubuntu.com/security/notices/usn-5111-1"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-41990"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5111-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/strongswan/5.9.1-1ubuntu3.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/strongswan/5.8.2-1ubuntu3.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/strongswan/5.9.1-1ubuntu1.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/strongswan/5.6.2-1ubuntu2.7"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/strongswan"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-45079"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/glsa/202405-08"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-40617"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2023-26463"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-403107"
},
{
"db": "VULMON",
"id": "CVE-2021-41991"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007493"
},
{
"db": "PACKETSTORM",
"id": "164558"
},
{
"db": "PACKETSTORM",
"id": "164554"
},
{
"db": "PACKETSTORM",
"id": "169143"
},
{
"db": "PACKETSTORM",
"id": "178454"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1214"
},
{
"db": "NVD",
"id": "CVE-2021-41991"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-403107"
},
{
"db": "VULMON",
"id": "CVE-2021-41991"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-007493"
},
{
"db": "PACKETSTORM",
"id": "164558"
},
{
"db": "PACKETSTORM",
"id": "164554"
},
{
"db": "PACKETSTORM",
"id": "169143"
},
{
"db": "PACKETSTORM",
"id": "178454"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1214"
},
{
"db": "NVD",
"id": "CVE-2021-41991"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-403107"
},
{
"date": "2021-10-18T00:00:00",
"db": "VULMON",
"id": "CVE-2021-41991"
},
{
"date": "2022-02-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-007493"
},
{
"date": "2021-10-20T15:43:57",
"db": "PACKETSTORM",
"id": "164558"
},
{
"date": "2021-10-19T15:31:42",
"db": "PACKETSTORM",
"id": "164554"
},
{
"date": "2021-10-28T19:12:00",
"db": "PACKETSTORM",
"id": "169143"
},
{
"date": "2024-05-06T13:54:27",
"db": "PACKETSTORM",
"id": "178454"
},
{
"date": "2021-10-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1214"
},
{
"date": "2021-10-18T14:15:10.333000",
"db": "NVD",
"id": "CVE-2021-41991"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-04-12T00:00:00",
"db": "VULHUB",
"id": "VHN-403107"
},
{
"date": "2021-10-21T00:00:00",
"db": "VULMON",
"id": "CVE-2021-41991"
},
{
"date": "2022-02-15T00:53:00",
"db": "JVNDB",
"id": "JVNDB-2021-007493"
},
{
"date": "2022-02-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202110-1214"
},
{
"date": "2023-11-07T03:39:05.350000",
"db": "NVD",
"id": "CVE-2021-41991"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "164558"
},
{
"db": "PACKETSTORM",
"id": "164554"
},
{
"db": "PACKETSTORM",
"id": "178454"
},
{
"db": "CNNVD",
"id": "CNNVD-202110-1214"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "strongSwan\u00a0 Integer overflow vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-007493"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202110-1214"
}
],
"trust": 0.6
}
}
var-202207-0620
Vulnerability from variot
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). The application does not correctly escape some user provided fields during the authentication process. This could allow an attacker to inject custom commands and execute arbitrary code with elevated privileges. The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect the SIMATIC S7-1200 controllers to a wide area network (WAN). They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or ST7 master via the SINAUT ST7 telecontrol protocol. The SIMATIC CP 1543-1 communications processor connects the SIMATIC S7-1500 controller to Ethernet. They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1543SP-1, CP 1542SP-1 and CP 1542SP-1 IRC communication processors connect the SIMATIC ET 200SP controllers to Ethernet. The SIMATIC CP 1543SP-1 and CP 1542SP-1 IRC communication processors also offer integrated security functions such as firewalls, virtual private networks (VPN) or support for other data encryption protocols. SIPLUSextreme products are designed for reliable operation under extreme conditions and are based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware on which they are based
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202207-0620",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic cp 1542sp-1 irc",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "simatic cp 1543sp-1",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.2.28"
},
{
"model": "simatic cp 1243-7 lte eu",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3.46"
},
{
"model": "siplus s7-1200 cp 1243-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3.46"
},
{
"model": "simatic cp 1243-7 lte us",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3.46"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.2.28"
},
{
"model": "siplus net cp 1242-7 v2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3.46"
},
{
"model": "simatic cp 1243-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3.46"
},
{
"model": "simatic cp 1543sp-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.2.28"
},
{
"model": "siplus net cp 1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.22"
},
{
"model": "simatic cp 1242-7 v2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3.46"
},
{
"model": "simatic cp 1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.22"
},
{
"model": "simatic cp 1542sp-1 irc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.2.28"
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3.46"
},
{
"model": "simatic cp 1243-8 irc",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.3.46"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.2.28"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1242-7v2"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp lte eu",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-7"
},
{
"model": "simatic cp lte us",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-7"
},
{
"model": "simatic cp irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-8"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1543-1\u003c3.0.22"
},
{
"model": "siplus net cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1242-7v2"
},
{
"model": "siplus net cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1543-1\u003c3.0.22"
},
{
"model": "siplus s7-1200 cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "siplus s7-1200 cp rail",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51635"
},
{
"db": "NVD",
"id": "CVE-2022-34820"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens reported these vulnerabilities to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-903"
}
],
"trust": 0.6
},
"cve": "CVE-2022-34820",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2022-34820",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 6.5,
"id": "CNVD-2022-51635",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2022-34820",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "productcert@siemens.com",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.7,
"id": "CVE-2022-34820",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-34820",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "productcert@siemens.com",
"id": "CVE-2022-34820",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2022-51635",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202207-903",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2022-34820",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51635"
},
{
"db": "VULMON",
"id": "CVE-2022-34820"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-903"
},
{
"db": "NVD",
"id": "CVE-2022-34820"
},
{
"db": "NVD",
"id": "CVE-2022-34820"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). The application does not correctly escape some user provided fields during the authentication process. This could allow an attacker to inject custom commands and execute arbitrary code with elevated privileges. The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect the SIMATIC S7-1200 controllers to a wide area network (WAN). They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or ST7 master via the SINAUT ST7 telecontrol protocol. The SIMATIC CP 1543-1 communications processor connects the SIMATIC S7-1500 controller to Ethernet. They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1543SP-1, CP 1542SP-1 and CP 1542SP-1 IRC communication processors connect the SIMATIC ET 200SP controllers to Ethernet. The SIMATIC CP 1543SP-1 and CP 1542SP-1 IRC communication processors also offer integrated security functions such as firewalls, virtual private networks (VPN) or support for other data encryption protocols. SIPLUSextreme products are designed for reliable operation under extreme conditions and are based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware on which they are based",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-34820"
},
{
"db": "CNVD",
"id": "CNVD-2022-51635"
},
{
"db": "VULMON",
"id": "CVE-2022-34820"
}
],
"trust": 1.53
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2022-34820",
"trust": 2.3
},
{
"db": "SIEMENS",
"id": "SSA-517377",
"trust": 2.3
},
{
"db": "ICS CERT",
"id": "ICSA-22-195-12",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2022-51635",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022071333",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202207-903",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-34820",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51635"
},
{
"db": "VULMON",
"id": "CVE-2022-34820"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-903"
},
{
"db": "NVD",
"id": "CVE-2022-34820"
}
]
},
"id": "VAR-202207-0620",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51635"
}
],
"trust": 1.3950221799999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51635"
}
]
},
"last_update_date": "2024-08-14T12:58:52.107000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Siemens SIMATIC CP SRCS VPN Feature Command Injection Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/339691"
},
{
"title": "Multiple Siemens SIMATIC Product Command Injection Vulnerability Fixes",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=228949"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51635"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-903"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-77",
"trust": 1.0
},
{
"problemtype": "CWE-116",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-34820"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-517377.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022071333"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-34820/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/siemens-simatic-cp-three-vulnerabilities-via-srcs-vpn-38784"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-195-12"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/116.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-195-12"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51635"
},
{
"db": "VULMON",
"id": "CVE-2022-34820"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-903"
},
{
"db": "NVD",
"id": "CVE-2022-34820"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-51635"
},
{
"db": "VULMON",
"id": "CVE-2022-34820"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-903"
},
{
"db": "NVD",
"id": "CVE-2022-34820"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-51635"
},
{
"date": "2022-07-12T00:00:00",
"db": "VULMON",
"id": "CVE-2022-34820"
},
{
"date": "2022-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-903"
},
{
"date": "2022-07-12T10:15:12.343000",
"db": "NVD",
"id": "CVE-2022-34820"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-51635"
},
{
"date": "2023-06-29T00:00:00",
"db": "VULMON",
"id": "CVE-2022-34820"
},
{
"date": "2023-06-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-903"
},
{
"date": "2023-06-29T15:34:19.477000",
"db": "NVD",
"id": "CVE-2022-34820"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-903"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC CP SRCS VPN Feature Command Injection Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51635"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-903"
}
],
"trust": 0.6
}
}
var-201611-0025
Vulnerability from variot
A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Under special conditions it was possible to write SNMP variables on port 161/udp which should be read-only and should only be configured with TIA-Portal. A write to these variables could reduce the availability or cause a denial-of-service. Siemens SIMATIC CP 1543-1 Is SNMPv3 Write access or SNMPv1 Service operation disruption when is enabled (DoS) There are vulnerabilities that are put into a state.By a remotely authenticated user SNMP Service operation disruption by changing variables (DoS) There is a possibility of being put into a state. SIEMENSSIMATICCP1543-1 is a communication processor that integrates security functions such as firewall, VPN, security protocol, data encryption, etc. It provides network connection and secure communication of s7-1500 controller. A denial of service vulnerability exists in the SIEMENSSIMATICCP1543-1 device. When SNMPv3 write access or SNMPv1 is turned on, an attacker exploits vulnerabilities to modify SNMP variables through the 161/udp port, thereby reducing availability or causing denial of service attacks. Siemens SIMATIC CP 1543-1 is prone to a privilege-escalation vulnerability and a denial-of-service vulnerability. Attackers can leverage these issues to gain elevated privileges and cause denial-of-service conditions on the affected device. Siemens SIMATIC CP 1543-1 is a controller of Germany's Siemens (Siemens) company that is used to connect communication processors to Ethernet and provides integrated security functions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201611-0025",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic cp 1543-1",
"scope": "lt",
"trust": 1.8,
"vendor": "siemens",
"version": "2.0.28"
},
{
"model": "siplus net cp 1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "2.0.28"
},
{
"model": "simatic cp 1543-1",
"scope": null,
"trust": 0.8,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1543-1\u003c2.0.28"
},
{
"model": "simatic cp 1543-1",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": null
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.3,
"vendor": "siemens",
"version": "1543-10"
},
{
"model": "simatic cp",
"scope": "ne",
"trust": 0.3,
"vendor": "siemens",
"version": "1543-12.0.28"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "simatic cp 1543 1",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "fe6b4ae9-2ba1-4c21-af48-55d5ed245b66"
},
{
"db": "CNVD",
"id": "CNVD-2016-11368"
},
{
"db": "BID",
"id": "94436"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005921"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-446"
},
{
"db": "NVD",
"id": "CVE-2016-8562"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:siemens:simatic_cp_1543-1",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:siemens:simatic_cp_1543-1_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-005921"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "These vulnerabilities were coordinated directly with Siemens by SOGETI and Agence nationale de la s\u00e9curit\u00e9 des syst\u00e8mes d\u2019information (ANSSI).",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-446"
}
],
"trust": 0.6
},
"cve": "CVE-2016-8562",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CVE-2016-8562",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.9,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "CNVD-2016-11368",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 4.9,
"id": "fe6b4ae9-2ba1-4c21-af48-55d5ed245b66",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-97382",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"id": "CVE-2016-8562",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2016-8562",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-8562",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-8562",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-11368",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201611-446",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "fe6b4ae9-2ba1-4c21-af48-55d5ed245b66",
"trust": 0.2,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-97382",
"trust": 0.1,
"value": "LOW"
},
{
"author": "VULMON",
"id": "CVE-2016-8562",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "fe6b4ae9-2ba1-4c21-af48-55d5ed245b66"
},
{
"db": "CNVD",
"id": "CNVD-2016-11368"
},
{
"db": "VULHUB",
"id": "VHN-97382"
},
{
"db": "VULMON",
"id": "CVE-2016-8562"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005921"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-446"
},
{
"db": "NVD",
"id": "CVE-2016-8562"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC CP 1543-1 (All versions \u003c V2.0.28), SIPLUS NET CP 1543-1 (All versions \u003c V2.0.28). Under special conditions it was possible to write SNMP variables on port 161/udp which should be read-only and should only be configured with TIA-Portal. A write to these variables could reduce the availability or cause a denial-of-service. Siemens SIMATIC CP 1543-1 Is SNMPv3 Write access or SNMPv1 Service operation disruption when is enabled (DoS) There are vulnerabilities that are put into a state.By a remotely authenticated user SNMP Service operation disruption by changing variables (DoS) There is a possibility of being put into a state. SIEMENSSIMATICCP1543-1 is a communication processor that integrates security functions such as firewall, VPN, security protocol, data encryption, etc. It provides network connection and secure communication of s7-1500 controller. A denial of service vulnerability exists in the SIEMENSSIMATICCP1543-1 device. When SNMPv3 write access or SNMPv1 is turned on, an attacker exploits vulnerabilities to modify SNMP variables through the 161/udp port, thereby reducing availability or causing denial of service attacks. Siemens SIMATIC CP 1543-1 is prone to a privilege-escalation vulnerability and a denial-of-service vulnerability. \nAttackers can leverage these issues to gain elevated privileges and cause denial-of-service conditions on the affected device. Siemens SIMATIC CP 1543-1 is a controller of Germany\u0027s Siemens (Siemens) company that is used to connect communication processors to Ethernet and provides integrated security functions",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-8562"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005921"
},
{
"db": "CNVD",
"id": "CNVD-2016-11368"
},
{
"db": "BID",
"id": "94436"
},
{
"db": "IVD",
"id": "fe6b4ae9-2ba1-4c21-af48-55d5ed245b66"
},
{
"db": "VULHUB",
"id": "VHN-97382"
},
{
"db": "VULMON",
"id": "CVE-2016-8562"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-8562",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-16-327-01",
"trust": 2.9
},
{
"db": "BID",
"id": "94436",
"trust": 2.7
},
{
"db": "SIEMENS",
"id": "SSA-672373",
"trust": 2.7
},
{
"db": "CNVD",
"id": "CNVD-2016-11368",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201611-446",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005921",
"trust": 0.8
},
{
"db": "IVD",
"id": "FE6B4AE9-2BA1-4C21-AF48-55D5ED245B66",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-97382",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-8562",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "fe6b4ae9-2ba1-4c21-af48-55d5ed245b66"
},
{
"db": "CNVD",
"id": "CNVD-2016-11368"
},
{
"db": "VULHUB",
"id": "VHN-97382"
},
{
"db": "VULMON",
"id": "CVE-2016-8562"
},
{
"db": "BID",
"id": "94436"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005921"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-446"
},
{
"db": "NVD",
"id": "CVE-2016-8562"
}
]
},
"id": "VAR-201611-0025",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "fe6b4ae9-2ba1-4c21-af48-55d5ed245b66"
},
{
"db": "CNVD",
"id": "CNVD-2016-11368"
},
{
"db": "VULHUB",
"id": "VHN-97382"
}
],
"trust": 1.8117647
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "fe6b4ae9-2ba1-4c21-af48-55d5ed245b66"
},
{
"db": "CNVD",
"id": "CNVD-2016-11368"
}
]
},
"last_update_date": "2024-08-14T14:39:56.892000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSA-672373",
"trust": 0.8,
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-672373.pdf"
},
{
"title": "SIEMENSSIMATICCP1543-1 device denial of service vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/84113"
},
{
"title": "Siemens SIMATIC CP 1543-1 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65784"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11368"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005921"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-446"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-20",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-97382"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005921"
},
{
"db": "NVD",
"id": "CVE-2016-8562"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-327-01"
},
{
"trust": 2.7,
"url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-672373.pdf"
},
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/94436"
},
{
"trust": 1.8,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-672373.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-8562"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-8562"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-16-327-01"
},
{
"trust": 0.3,
"url": "http://www.siemens.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-16-327-01"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-11368"
},
{
"db": "VULHUB",
"id": "VHN-97382"
},
{
"db": "VULMON",
"id": "CVE-2016-8562"
},
{
"db": "BID",
"id": "94436"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005921"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-446"
},
{
"db": "NVD",
"id": "CVE-2016-8562"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "fe6b4ae9-2ba1-4c21-af48-55d5ed245b66"
},
{
"db": "CNVD",
"id": "CNVD-2016-11368"
},
{
"db": "VULHUB",
"id": "VHN-97382"
},
{
"db": "VULMON",
"id": "CVE-2016-8562"
},
{
"db": "BID",
"id": "94436"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-005921"
},
{
"db": "CNNVD",
"id": "CNNVD-201611-446"
},
{
"db": "NVD",
"id": "CVE-2016-8562"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-21T00:00:00",
"db": "IVD",
"id": "fe6b4ae9-2ba1-4c21-af48-55d5ed245b66"
},
{
"date": "2016-11-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11368"
},
{
"date": "2016-11-18T00:00:00",
"db": "VULHUB",
"id": "VHN-97382"
},
{
"date": "2016-11-18T00:00:00",
"db": "VULMON",
"id": "CVE-2016-8562"
},
{
"date": "2016-11-18T00:00:00",
"db": "BID",
"id": "94436"
},
{
"date": "2016-11-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005921"
},
{
"date": "2016-11-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-446"
},
{
"date": "2016-11-18T21:59:02.033000",
"db": "NVD",
"id": "CVE-2016-8562"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-11-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-11368"
},
{
"date": "2016-12-22T00:00:00",
"db": "VULHUB",
"id": "VHN-97382"
},
{
"date": "2022-04-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-8562"
},
{
"date": "2016-11-24T00:16:00",
"db": "BID",
"id": "94436"
},
{
"date": "2016-11-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-005921"
},
{
"date": "2022-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201611-446"
},
{
"date": "2024-07-24T14:26:41.253000",
"db": "NVD",
"id": "CVE-2016-8562"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-446"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SIEMENS SIMATIC CP 1543-1 Device Denial of Service Vulnerability",
"sources": [
{
"db": "IVD",
"id": "fe6b4ae9-2ba1-4c21-af48-55d5ed245b66"
},
{
"db": "CNVD",
"id": "CNVD-2016-11368"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201611-446"
}
],
"trust": 0.6
}
}
var-202207-0622
Vulnerability from variot
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). The application lacks proper validation of user-supplied data when parsing specific messages. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of device. The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect the SIMATIC S7-1200 controllers to a wide area network (WAN). They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or ST7 master via the SINAUT ST7 telecontrol protocol. The SIMATIC CP 1543-1 communications processor connects the SIMATIC S7-1500 controller to Ethernet. They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1543SP-1, CP 1542SP-1 and CP 1542SP-1 IRC communication processors connect the SIMATIC ET 200SP controllers to Ethernet. The SIMATIC CP 1543SP-1 and CP 1542SP-1 IRC communication processors also offer integrated security functions such as firewalls, virtual private networks (VPN) or support for other data encryption protocols. SIPLUSextreme products are designed for reliable operation under extreme conditions and are based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware on which they are based
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202207-0622",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "simatic cp 1542sp-1 irc",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "simatic cp 1543sp-1",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "siplus et 200sp cp 1542sp-1 irc tx rail",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "siplus et 200sp cp 1543sp-1 isec tx rail",
"scope": "gte",
"trust": 1.6,
"vendor": "siemens",
"version": "2.0"
},
{
"model": "simatic cp 1243-7 lte eu",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus s7-1200 cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus s7-1200 cp 1243-1 rail",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.22"
},
{
"model": "siplus net cp 1242-7 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-7 lte us",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1242-7 v2",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp 1243-1",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "siplus net cp 1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.22"
},
{
"model": "simatic cp 1243-8 irc",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1242-7v2"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "simatic cp lte eu",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-7"
},
{
"model": "simatic cp lte us",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-7"
},
{
"model": "simatic cp irc",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-8"
},
{
"model": "simatic cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1543-1\u003c3.0.22"
},
{
"model": "siplus net cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1242-7v2"
},
{
"model": "siplus net cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1543-1\u003c3.0.22"
},
{
"model": "siplus s7-1200 cp",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
},
{
"model": "siplus s7-1200 cp rail",
"scope": "eq",
"trust": 0.6,
"vendor": "siemens",
"version": "1243-1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51636"
},
{
"db": "NVD",
"id": "CVE-2022-34819"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens reported these vulnerabilities to CISA.",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-904"
}
],
"trust": 0.6
},
"cve": "CVE-2022-34819",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2022-34819",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2022-51636",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2022-34819",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2022-34819",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "productcert@siemens.com",
"id": "CVE-2022-34819",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2022-51636",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202207-904",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2022-34819",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51636"
},
{
"db": "VULMON",
"id": "CVE-2022-34819"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-904"
},
{
"db": "NVD",
"id": "CVE-2022-34819"
},
{
"db": "NVD",
"id": "CVE-2022-34819"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). The application lacks proper validation of user-supplied data when parsing specific messages. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of device. The SIMATIC CP 1242-7 and CP 1243-7 LTE communication processors connect the SIMATIC S7-1200 controllers to a wide area network (WAN). They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1243-8 IRC communication processor connects the SIMATIC S7-1200 controller to the control center or ST7 master via the SINAUT ST7 telecontrol protocol. The SIMATIC CP 1543-1 communications processor connects the SIMATIC S7-1500 controller to Ethernet. They provide integrated security features such as firewalls, virtual private networks (VPNs), and support other protocols with data encryption. The SIMATIC CP 1543SP-1, CP 1542SP-1 and CP 1542SP-1 IRC communication processors connect the SIMATIC ET 200SP controllers to Ethernet. The SIMATIC CP 1543SP-1 and CP 1542SP-1 IRC communication processors also offer integrated security functions such as firewalls, virtual private networks (VPN) or support for other data encryption protocols. SIPLUSextreme products are designed for reliable operation under extreme conditions and are based on SIMATIC, LOGO!, SITOP, SINAMICS, SIMOTION, SCALANCE or other devices. SIPLUS devices use the same firmware on which they are based",
"sources": [
{
"db": "NVD",
"id": "CVE-2022-34819"
},
{
"db": "CNVD",
"id": "CNVD-2022-51636"
},
{
"db": "VULMON",
"id": "CVE-2022-34819"
}
],
"trust": 1.53
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SIEMENS",
"id": "SSA-517377",
"trust": 2.3
},
{
"db": "NVD",
"id": "CVE-2022-34819",
"trust": 2.3
},
{
"db": "ICS CERT",
"id": "ICSA-22-195-12",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2022-51636",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022071333",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202207-904",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2022-34819",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51636"
},
{
"db": "VULMON",
"id": "CVE-2022-34819"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-904"
},
{
"db": "NVD",
"id": "CVE-2022-34819"
}
]
},
"id": "VAR-202207-0622",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51636"
}
],
"trust": 1.3950221799999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51636"
}
]
},
"last_update_date": "2024-08-14T12:14:15.137000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Siemens SIMATIC CP SRCS VPN Feature Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/339686"
},
{
"title": "Multiple Siemens Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=228950"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51636"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-904"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-122",
"trust": 1.0
},
{
"problemtype": "CWE-787",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2022-34819"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-517377.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022071333"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2022-34819/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/siemens-simatic-cp-three-vulnerabilities-via-srcs-vpn-38784"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-195-12"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/122.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-195-12"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51636"
},
{
"db": "VULMON",
"id": "CVE-2022-34819"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-904"
},
{
"db": "NVD",
"id": "CVE-2022-34819"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2022-51636"
},
{
"db": "VULMON",
"id": "CVE-2022-34819"
},
{
"db": "CNNVD",
"id": "CNNVD-202207-904"
},
{
"db": "NVD",
"id": "CVE-2022-34819"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-51636"
},
{
"date": "2022-07-12T00:00:00",
"db": "VULMON",
"id": "CVE-2022-34819"
},
{
"date": "2022-07-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-904"
},
{
"date": "2022-07-12T10:15:12.293000",
"db": "NVD",
"id": "CVE-2022-34819"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-07-15T00:00:00",
"db": "CNVD",
"id": "CNVD-2022-51636"
},
{
"date": "2023-03-14T00:00:00",
"db": "VULMON",
"id": "CVE-2022-34819"
},
{
"date": "2023-03-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202207-904"
},
{
"date": "2023-03-14T10:15:21.217000",
"db": "NVD",
"id": "CVE-2022-34819"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-904"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Siemens SIMATIC CP SRCS VPN Feature Buffer Overflow Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2022-51636"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202207-904"
}
],
"trust": 0.6
}
}
var-202108-2222
Vulnerability from variot
libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths case insensitively,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate. A security issue has been found in curl before version 7.78.0. The comparison also didn't include the 'issuer cert' which a transfer can set to qualify how to verify the server certificate. ========================================================================== Ubuntu Security Notice USN-5021-1 July 22, 2021
curl vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.04
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in curl.
Software Description: - curl: HTTP, HTTPS, and FTP client and client libraries
Details:
Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data possibly containing sensitive information could be sent to the remote server, contrary to expectations. (CVE-2021-22898, CVE-2021-22925)
Harry Sintonen discovered that curl incorrectly reused connections in the connection pool. This could result in curl reusing the wrong connections. (CVE-2021-22924)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.04: curl 7.74.0-1ubuntu2.1 libcurl3-gnutls 7.74.0-1ubuntu2.1 libcurl3-nss 7.74.0-1ubuntu2.1 libcurl4 7.74.0-1ubuntu2.1
Ubuntu 20.04 LTS: curl 7.68.0-1ubuntu2.6 libcurl3-gnutls 7.68.0-1ubuntu2.6 libcurl3-nss 7.68.0-1ubuntu2.6 libcurl4 7.68.0-1ubuntu2.6
Ubuntu 18.04 LTS: curl 7.58.0-2ubuntu3.14 libcurl3-gnutls 7.58.0-2ubuntu3.14 libcurl3-nss 7.58.0-2ubuntu3.14 libcurl4 7.58.0-2ubuntu3.14
In general, a standard system update will make all the necessary changes. Description:
Red Hat 3scale API Management delivers centralized API management features through a distributed, cloud-hosted layer. It includes built-in features to help in building a more successful API program, including access control, rate limits, payment gateway integration, and developer experience tools. Bugs fixed (https://bugzilla.redhat.com/):
1869800 - CVE-2020-8911 aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang 1869801 - CVE-2020-8912 aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang 1930083 - CVE-2021-3442 PT RHOAM: XSS in 3scale at various places
- Bugs fixed (https://bugzilla.redhat.com/):
2007489 - RHACM 2.1.12 images 2010991 - CVE-2021-32687 redis: Integer overflow issue with intsets 2011000 - CVE-2021-32675 redis: Denial of service via Redis Standard Protocol (RESP) request 2011001 - CVE-2021-32672 redis: Out of bounds read in lua debugger protocol parser 2011004 - CVE-2021-32628 redis: Integer overflow bug in the ziplist data structure 2011010 - CVE-2021-32627 redis: Integer overflow issue with Streams 2011017 - CVE-2021-32626 redis: Lua scripts can overflow the heap-based Lua stack 2011020 - CVE-2021-41099 redis: Integer overflow issue with strings
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Moderate: curl security update Advisory ID: RHSA-2021:3582-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:3582 Issue date: 2021-09-21 CVE Names: CVE-2021-22922 CVE-2021-22923 CVE-2021-22924 =====================================================================
- Summary:
An update for curl is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64
- Description:
The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP.
Security Fix(es):
-
curl: Content not matching hash in Metalink is not being discarded (CVE-2021-22922)
-
curl: Metalink download sends credentials (CVE-2021-22923)
-
curl: Bad connection reuse due to flawed path name checks (CVE-2021-22924)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1981435 - CVE-2021-22922 curl: Content not matching hash in Metalink is not being discarded 1981438 - CVE-2021-22923 curl: Metalink download sends credentials 1981460 - CVE-2021-22924 curl: Bad connection reuse due to flawed path name checks
- Package List:
Red Hat Enterprise Linux BaseOS (v. 8):
Source: curl-7.61.1-18.el8_4.1.src.rpm
aarch64: curl-7.61.1-18.el8_4.1.aarch64.rpm curl-debuginfo-7.61.1-18.el8_4.1.aarch64.rpm curl-debugsource-7.61.1-18.el8_4.1.aarch64.rpm curl-minimal-debuginfo-7.61.1-18.el8_4.1.aarch64.rpm libcurl-7.61.1-18.el8_4.1.aarch64.rpm libcurl-debuginfo-7.61.1-18.el8_4.1.aarch64.rpm libcurl-devel-7.61.1-18.el8_4.1.aarch64.rpm libcurl-minimal-7.61.1-18.el8_4.1.aarch64.rpm libcurl-minimal-debuginfo-7.61.1-18.el8_4.1.aarch64.rpm
ppc64le: curl-7.61.1-18.el8_4.1.ppc64le.rpm curl-debuginfo-7.61.1-18.el8_4.1.ppc64le.rpm curl-debugsource-7.61.1-18.el8_4.1.ppc64le.rpm curl-minimal-debuginfo-7.61.1-18.el8_4.1.ppc64le.rpm libcurl-7.61.1-18.el8_4.1.ppc64le.rpm libcurl-debuginfo-7.61.1-18.el8_4.1.ppc64le.rpm libcurl-devel-7.61.1-18.el8_4.1.ppc64le.rpm libcurl-minimal-7.61.1-18.el8_4.1.ppc64le.rpm libcurl-minimal-debuginfo-7.61.1-18.el8_4.1.ppc64le.rpm
s390x: curl-7.61.1-18.el8_4.1.s390x.rpm curl-debuginfo-7.61.1-18.el8_4.1.s390x.rpm curl-debugsource-7.61.1-18.el8_4.1.s390x.rpm curl-minimal-debuginfo-7.61.1-18.el8_4.1.s390x.rpm libcurl-7.61.1-18.el8_4.1.s390x.rpm libcurl-debuginfo-7.61.1-18.el8_4.1.s390x.rpm libcurl-devel-7.61.1-18.el8_4.1.s390x.rpm libcurl-minimal-7.61.1-18.el8_4.1.s390x.rpm libcurl-minimal-debuginfo-7.61.1-18.el8_4.1.s390x.rpm
x86_64: curl-7.61.1-18.el8_4.1.x86_64.rpm curl-debuginfo-7.61.1-18.el8_4.1.i686.rpm curl-debuginfo-7.61.1-18.el8_4.1.x86_64.rpm curl-debugsource-7.61.1-18.el8_4.1.i686.rpm curl-debugsource-7.61.1-18.el8_4.1.x86_64.rpm curl-minimal-debuginfo-7.61.1-18.el8_4.1.i686.rpm curl-minimal-debuginfo-7.61.1-18.el8_4.1.x86_64.rpm libcurl-7.61.1-18.el8_4.1.i686.rpm libcurl-7.61.1-18.el8_4.1.x86_64.rpm libcurl-debuginfo-7.61.1-18.el8_4.1.i686.rpm libcurl-debuginfo-7.61.1-18.el8_4.1.x86_64.rpm libcurl-devel-7.61.1-18.el8_4.1.i686.rpm libcurl-devel-7.61.1-18.el8_4.1.x86_64.rpm libcurl-minimal-7.61.1-18.el8_4.1.i686.rpm libcurl-minimal-7.61.1-18.el8_4.1.x86_64.rpm libcurl-minimal-debuginfo-7.61.1-18.el8_4.1.i686.rpm libcurl-minimal-debuginfo-7.61.1-18.el8_4.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2021-22922 https://access.redhat.com/security/cve/CVE-2021-22923 https://access.redhat.com/security/cve/CVE-2021-22924 https://access.redhat.com/security/updates/classification/#moderate
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBYUmbl9zjgjWX9erEAQi0VRAAkVIQKLPCBEK+Dy1js5VwXXZssOhvgmm/ xe9piCdrgBrbILxPEY0hkPYCmw3hKsRWD3FCMou6275HUJydJQpqANDmP/msUZOE LYJcM6cMWR7/2HWtgx6BQ5z6PZte+vzetzoHPDjI8O25kqd+BfT6JN0wCzKUQrUO auFPz1Sqj3UG1PHB62fSBJ4MpmRrCtJJh/Q84Rfp2JilVmsCpAOCm+gHEye3tu49 yF0fSA+JLS9Ut1XzaktucevPiwApj2dmxuagGFftvPzaP+cMz5V7Hv5akI89uapk L+Q4T37Fx53MQg+CAI1uDg2jxkfk96fijCoM2oczsQW4Np0HWH2tyAkg9+gJCB3h KScu9RXUr3uYCSoy9zyurEceoGbJWDRvh9B/0BNhY6ywjG+c/+bXAJDDs0pA049g CkpJERsNGhgXgDm+ONgVwxaHDRKlcX6wYTgyWfAw9qOLmhZrQbhfSzt9ebhpd0HL Avv8qpCjtxTx5E9QBAlnDcUCb3cqQkD3/j9y9I4zAtAFoF6oWQ4xqQO8cJqGNPZ/ qztENtA7CKd0bgYEPOuujdWtTnK/s3iww+LRkCuzHNzNneQGeSziZJfB38rlKCLq lZHwCRl0EYrfcjBziwR6LLbpEe2u6vdsQKDfPXHuld+wfgYTTmtxhTVPMy8FKSf5 TuOJZuxQys4= =DwWr -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . Summary:
The Migration Toolkit for Containers (MTC) 1.6.0 is now available. Description:
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Bugs fixed (https://bugzilla.redhat.com/):
1878824 - Web console is not accessible when deployed on OpenShift cluster on IBM Cloud 1887526 - "Stage" pods fail when migrating from classic OpenShift source cluster on IBM Cloud with block storage 1899562 - MigMigration custom resource does not display an error message when a migration fails because of volume mount error 1936886 - Service account token of existing remote cluster cannot be updated by using the web console 1936894 - "Ready" status of MigHook and MigPlan custom resources is not synchronized automatically 1949117 - "Migration plan resources" page displays a permanent error message when a migration plan is deleted from the backend 1951869 - MigPlan custom resource does not detect invalid source cluster reference 1968621 - Paused deployment config causes a migration to hang 1970338 - Parallel migrations fail because the initial backup is missing 1974737 - Migration plan name length in the "Migration plan" wizard is not validated 1975369 - "Debug view" link text on "Migration plans" page can be improved 1975372 - Destination namespace in MigPlan custom resource is not validated 1976895 - Namespace mapping cannot be changed using the Migration Plan wizard 1981810 - "Excluded" resources are not excluded from the migration 1982026 - Direct image migration fails if the source URI contains a double slash ("//") 1994985 - Web console crashes when a MigPlan custom resource is created with an empty namespaces list 1996169 - When "None" is selected as the target storage class in the web console, the setting is ignored and the default storage class is used 1996627 - MigPlan custom resource displays a "PvUsageAnalysisFailed" warning after a successful PVC migration 1996784 - "Migration resources" tree on the "Migration details" page is not displayed 1996902 - "Select all" checkbox on the "Namespaces" page of the "Migration plan" wizard remains selected after a namespace is unselected 1996904 - "Migration" dialogs on the "Migration plans" page display inconsistent capitalization 1996906 - "Migration details" page link is displayed for a migration plan with no associated migrations 1996938 - Search function on "Migration plans" page displays no results 1997051 - Indirect migration from MTC 1.5.1 to 1.6.0 fails during "StageBackup" phase 1997127 - Direct volume migration "retry" feature does not work correctly after a network failure 1997173 - Migration of custom resource definitions to OpenShift Container Platform 4.9 fails because of API version incompatibility 1997180 - "migration-log-reader" pod does not log invalid Rsync options 1997665 - Selected PVCs in the "State migration" dialog are reset because of background polling 1997694 - "Update operator" link on the "Clusters" page is incorrect 1997827 - "Migration plan" wizard displays PVC names incorrectly formatted after running state migration 1998062 - Rsync pod uses upstream image 1998283 - "Migration step details" link on the "Migrations" page does not work 1998550 - "Migration plan" wizard does not support certain screen resolutions 1998581 - "Migration details" link on "Migration plans" page displays "latestIsFailed" error 1999113 - "oc describe" and "oc log" commands on "Migration resources" tree cannot be copied after failed migration 1999381 - MigPlan custom resource displays "Stage completed with warnings" status after successful migration 1999528 - Position of the "Add migration plan" button is different from the other "Add" buttons 1999765 - "Migrate" button on "State migration" dialog is enabled when no PVCs are selected 1999784 - CVE-2021-3749 nodejs-axios: Regular expression denial of service in trim function 2000205 - "Options" menu on the "Migration details" page displays incorrect items 2000218 - Validation incorrectly blocks namespace mapping if a source cluster namespace is the same as the destination namespace 2000243 - "Migration plan" wizard does not allow a migration within the same cluster 2000644 - Invalid migration plan causes "controller" pod to crash 2000875 - State migration status on "Migrations" page displays "Stage succeeded" message 2000979 - "clusterIPs" parameter of "service" object can cause Velero errors 2001089 - Direct volume migration fails because of missing CA path configuration 2001173 - Migration plan requires two clusters 2001786 - Migration fails during "Stage Backup" step because volume path on host not found 2001829 - Migration does not complete when the namespace contains a cron job with a PVC 2001941 - Fixing PVC conflicts in state migration plan using the web console causes the migration to run twice 2002420 - "Stage" pod not created for completed application pod, causing the "mig-controller" to stall 2002608 - Migration of unmounted PVC fails during "StageBackup" phase 2002897 - Rollback migration does not complete when the namespace contains a cron job 2003603 - "View logs" dialog displays the "--selector" option, which does not print all logs 2004601 - Migration plan status on "Migration plans" page is "Ready" after migration completed with warnings 2004923 - Web console displays "New operator version available" notification for incorrect operator 2005143 - Combining Rsync and Stunnel in a single pod can degrade performance 2006316 - Web console cannot create migration plan in a proxy environment 2007175 - Web console cannot be launched in a proxy environment
- JIRA issues fixed (https://issues.jboss.org/):
MIG-785 - Search for "Crane" in the Operator Hub should display the Migration Toolkit for Containers
- Summary:
Red Hat Advanced Cluster Management for Kubernetes 2.1.11 General Availability release images, which provide a security fix and update the container images. Description:
Red Hat Advanced Cluster Management for Kubernetes 2.1.11 images
Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in.
This advisory contains updates to one or more container images for Red Hat Advanced Cluster Management for Kubernetes.
Container updates:
-
RHACM 2.1.11 images (BZ# 1999375)
-
Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied. To apply this upgrade, you must upgrade your OpenShift Container Platform version to 4.6, or later. Bugs fixed (https://bugzilla.redhat.com/):
1963121 - CVE-2021-23017 nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name 1999375 - RHACM 2.1.11 images
- These flaws may allow remote attackers to obtain sensitive information, leak authentication or cookie header data or facilitate a denial of service attack.
For the stable distribution (bullseye), these problems have been fixed in version 7.74.0-1.3+deb11u2.
We recommend that you upgrade your curl packages.
For the detailed security status of curl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/curl
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmLoBaNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeTf9A//VWkco2gxCMMe8JDcL9sLD0B5L8KGRxbPBYmpE1l2kCpiW9QGVwCN3q2K i8xo0jmRxSwSXDmAE17aTtGT66vU8vQSHewty031TcvWKBoAJpKRTbazfdOy/vDD waofTEaUClFt3NNiR3gigRU6OFV/9MWlUWwCJ/Wgd5osJTQCyWV/iHz3FJluc1Gp rXamYLnWGUJbIZgMFEo7TqIyb91P0PrX4hpnCcnhvY4ci5NWOj2qaoWGhgF+f9gz Uao91GTOnuTyoY3apKzifdO5dih9zJttnRKUgHkn9YCGxanljoPjHRYOavWdN6bE yIpT/Xw2dy05Fzydb73bDurQP+mkyWGZA+S8gxtbY7S7OylRS9iHSfyUpAVEM/Ab SPkGQl6vBKr7dmyHkdIlbViste6kcmhQQete9E3tM18MkyK0NbBiUj+pShNPC+SF REStal14ZE+DSwFKp5UA8izEh0G5RC5VUVhB/jtoxym2rvmIamk5YqCS1rupGP9R 1Y+Jm8CywBrKHl5EzAVUswC5xDAArWdXRvrgHCeElnkwuCwRC8AgRiYFFRulWKwt TV5qveehnzSc2z5IDc/tdiPWNJhJu/blNN8BauG8zmJV4ZhZP9EO1FCLE7DpqQ38 EPtUTMXaMQR1W15He51auBQwJgSiX1II+5jh6PeZTKBKnJgLYNA= =3E71 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202108-2222",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "scalance m804pb",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "universal forwarder",
"scope": "eq",
"trust": 1.0,
"vendor": "splunk",
"version": "9.1.0"
},
{
"model": "simatic rtu3030c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0.14"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "solidfire \\\u0026 hci management node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "sinema remote connect server",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "scalance m816-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic cp 1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.22"
},
{
"model": "simatic rtu 3041c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0.14"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "11.0"
},
{
"model": "universal forwarder",
"scope": "lt",
"trust": 1.0,
"vendor": "splunk",
"version": "9.0.6"
},
{
"model": "sinec infrastructure network services",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.0.1.1"
},
{
"model": "universal forwarder",
"scope": "gte",
"trust": 1.0,
"vendor": "splunk",
"version": "9.0.0"
},
{
"model": "mysql server",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.26"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "33"
},
{
"model": "mysql server",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "5.7.0"
},
{
"model": "sinema remote connect",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.1"
},
{
"model": "universal forwarder",
"scope": "gte",
"trust": 1.0,
"vendor": "splunk",
"version": "8.2.0"
},
{
"model": "simatic rtu3010c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0.14"
},
{
"model": "logo\\! cmr2040",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "ruggedcomrm 1224 lte",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic cp 1545-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "1.1"
},
{
"model": "scalance m876-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "scalance s615",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "scalance m812-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "mysql server",
"scope": "gte",
"trust": 1.0,
"vendor": "oracle",
"version": "8.0.0"
},
{
"model": "logo\\! cmr2020",
"scope": "eq",
"trust": 1.0,
"vendor": "siemens",
"version": "*"
},
{
"model": "scalance mum856-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "simatic rtu3031c",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "5.0.14"
},
{
"model": "scalance m876-4",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.58"
},
{
"model": "libcurl",
"scope": "gte",
"trust": 1.0,
"vendor": "haxx",
"version": "7.10.4"
},
{
"model": "scalance m874-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "siplus net cp 1543-1",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "3.0.22"
},
{
"model": "universal forwarder",
"scope": "lt",
"trust": 1.0,
"vendor": "splunk",
"version": "8.2.12"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.57"
},
{
"model": "scalance m874-3",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "libcurl",
"scope": "lt",
"trust": 1.0,
"vendor": "haxx",
"version": "7.77.0"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.59"
},
{
"model": "mysql server",
"scope": "lte",
"trust": 1.0,
"vendor": "oracle",
"version": "5.7.36"
},
{
"model": "scalance m826-2",
"scope": "lt",
"trust": 1.0,
"vendor": "siemens",
"version": "7.1"
},
{
"model": "solidfire baseboard management controller",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "cloud backup",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-22924"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "164523"
},
{
"db": "PACKETSTORM",
"id": "164562"
},
{
"db": "PACKETSTORM",
"id": "164511"
},
{
"db": "PACKETSTORM",
"id": "164583"
},
{
"db": "PACKETSTORM",
"id": "164221"
},
{
"db": "PACKETSTORM",
"id": "164342"
},
{
"db": "PACKETSTORM",
"id": "164282"
},
{
"db": "PACKETSTORM",
"id": "164948"
}
],
"trust": 0.8
},
"cve": "CVE-2021-22924",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2021-22924",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-381398",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.2,
"id": "CVE-2021-22924",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2021-22924",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-202107-1569",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-381398",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-381398"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1569"
},
{
"db": "NVD",
"id": "CVE-2021-22924"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take \u0027issuercert\u0027 into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn\u0027t include the \u0027issuer cert\u0027 which a transfer can setto qualify how to verify the server certificate. A security issue has been found in curl before version 7.78.0. The comparison also didn\u0027t include the \u0027issuer cert\u0027 which a transfer can set to qualify how to verify the server certificate. ==========================================================================\nUbuntu Security Notice USN-5021-1\nJuly 22, 2021\n\ncurl vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 21.04\n- Ubuntu 20.04 LTS\n- Ubuntu 18.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in curl. \n\nSoftware Description:\n- curl: HTTP, HTTPS, and FTP client and client libraries\n\nDetails:\n\nHarry Sintonen and Tomas Hoger discovered that curl incorrectly handled\nTELNET connections when the -t option was used on the command line. \nUninitialized data possibly containing sensitive information could be sent\nto the remote server, contrary to expectations. (CVE-2021-22898,\nCVE-2021-22925)\n\nHarry Sintonen discovered that curl incorrectly reused connections in the\nconnection pool. This could result in curl reusing the wrong connections. \n(CVE-2021-22924)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 21.04:\n curl 7.74.0-1ubuntu2.1\n libcurl3-gnutls 7.74.0-1ubuntu2.1\n libcurl3-nss 7.74.0-1ubuntu2.1\n libcurl4 7.74.0-1ubuntu2.1\n\nUbuntu 20.04 LTS:\n curl 7.68.0-1ubuntu2.6\n libcurl3-gnutls 7.68.0-1ubuntu2.6\n libcurl3-nss 7.68.0-1ubuntu2.6\n libcurl4 7.68.0-1ubuntu2.6\n\nUbuntu 18.04 LTS:\n curl 7.58.0-2ubuntu3.14\n libcurl3-gnutls 7.58.0-2ubuntu3.14\n libcurl3-nss 7.58.0-2ubuntu3.14\n libcurl4 7.58.0-2ubuntu3.14\n\nIn general, a standard system update will make all the necessary changes. Description:\n\nRed Hat 3scale API Management delivers centralized API management features\nthrough a distributed, cloud-hosted layer. It includes built-in features to\nhelp in building a more successful API program, including access control,\nrate limits, payment gateway integration, and developer experience tools. Bugs fixed (https://bugzilla.redhat.com/):\n\n1869800 - CVE-2020-8911 aws/aws-sdk-go: CBC padding oracle issue in AWS S3 Crypto SDK for golang\n1869801 - CVE-2020-8912 aws-sdk-go: In-band key negotiation issue in AWS S3 Crypto SDK for golang\n1930083 - CVE-2021-3442 PT RHOAM: XSS in 3scale at various places\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n2007489 - RHACM 2.1.12 images\n2010991 - CVE-2021-32687 redis: Integer overflow issue with intsets\n2011000 - CVE-2021-32675 redis: Denial of service via Redis Standard Protocol (RESP) request\n2011001 - CVE-2021-32672 redis: Out of bounds read in lua debugger protocol parser\n2011004 - CVE-2021-32628 redis: Integer overflow bug in the ziplist data structure\n2011010 - CVE-2021-32627 redis: Integer overflow issue with Streams\n2011017 - CVE-2021-32626 redis: Lua scripts can overflow the heap-based Lua stack\n2011020 - CVE-2021-41099 redis: Integer overflow issue with strings\n\n5. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Moderate: curl security update\nAdvisory ID: RHSA-2021:3582-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2021:3582\nIssue date: 2021-09-21\nCVE Names: CVE-2021-22922 CVE-2021-22923 CVE-2021-22924 \n=====================================================================\n\n1. Summary:\n\nAn update for curl is now available for Red Hat Enterprise Linux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64\n\n3. Description:\n\nThe curl packages provide the libcurl library and the curl utility for\ndownloading files from servers using various protocols, including HTTP,\nFTP, and LDAP. \n\nSecurity Fix(es):\n\n* curl: Content not matching hash in Metalink is not being discarded\n(CVE-2021-22922)\n\n* curl: Metalink download sends credentials (CVE-2021-22923)\n\n* curl: Bad connection reuse due to flawed path name checks\n(CVE-2021-22924)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1981435 - CVE-2021-22922 curl: Content not matching hash in Metalink is not being discarded\n1981438 - CVE-2021-22923 curl: Metalink download sends credentials\n1981460 - CVE-2021-22924 curl: Bad connection reuse due to flawed path name checks\n\n6. Package List:\n\nRed Hat Enterprise Linux BaseOS (v. 8):\n\nSource:\ncurl-7.61.1-18.el8_4.1.src.rpm\n\naarch64:\ncurl-7.61.1-18.el8_4.1.aarch64.rpm\ncurl-debuginfo-7.61.1-18.el8_4.1.aarch64.rpm\ncurl-debugsource-7.61.1-18.el8_4.1.aarch64.rpm\ncurl-minimal-debuginfo-7.61.1-18.el8_4.1.aarch64.rpm\nlibcurl-7.61.1-18.el8_4.1.aarch64.rpm\nlibcurl-debuginfo-7.61.1-18.el8_4.1.aarch64.rpm\nlibcurl-devel-7.61.1-18.el8_4.1.aarch64.rpm\nlibcurl-minimal-7.61.1-18.el8_4.1.aarch64.rpm\nlibcurl-minimal-debuginfo-7.61.1-18.el8_4.1.aarch64.rpm\n\nppc64le:\ncurl-7.61.1-18.el8_4.1.ppc64le.rpm\ncurl-debuginfo-7.61.1-18.el8_4.1.ppc64le.rpm\ncurl-debugsource-7.61.1-18.el8_4.1.ppc64le.rpm\ncurl-minimal-debuginfo-7.61.1-18.el8_4.1.ppc64le.rpm\nlibcurl-7.61.1-18.el8_4.1.ppc64le.rpm\nlibcurl-debuginfo-7.61.1-18.el8_4.1.ppc64le.rpm\nlibcurl-devel-7.61.1-18.el8_4.1.ppc64le.rpm\nlibcurl-minimal-7.61.1-18.el8_4.1.ppc64le.rpm\nlibcurl-minimal-debuginfo-7.61.1-18.el8_4.1.ppc64le.rpm\n\ns390x:\ncurl-7.61.1-18.el8_4.1.s390x.rpm\ncurl-debuginfo-7.61.1-18.el8_4.1.s390x.rpm\ncurl-debugsource-7.61.1-18.el8_4.1.s390x.rpm\ncurl-minimal-debuginfo-7.61.1-18.el8_4.1.s390x.rpm\nlibcurl-7.61.1-18.el8_4.1.s390x.rpm\nlibcurl-debuginfo-7.61.1-18.el8_4.1.s390x.rpm\nlibcurl-devel-7.61.1-18.el8_4.1.s390x.rpm\nlibcurl-minimal-7.61.1-18.el8_4.1.s390x.rpm\nlibcurl-minimal-debuginfo-7.61.1-18.el8_4.1.s390x.rpm\n\nx86_64:\ncurl-7.61.1-18.el8_4.1.x86_64.rpm\ncurl-debuginfo-7.61.1-18.el8_4.1.i686.rpm\ncurl-debuginfo-7.61.1-18.el8_4.1.x86_64.rpm\ncurl-debugsource-7.61.1-18.el8_4.1.i686.rpm\ncurl-debugsource-7.61.1-18.el8_4.1.x86_64.rpm\ncurl-minimal-debuginfo-7.61.1-18.el8_4.1.i686.rpm\ncurl-minimal-debuginfo-7.61.1-18.el8_4.1.x86_64.rpm\nlibcurl-7.61.1-18.el8_4.1.i686.rpm\nlibcurl-7.61.1-18.el8_4.1.x86_64.rpm\nlibcurl-debuginfo-7.61.1-18.el8_4.1.i686.rpm\nlibcurl-debuginfo-7.61.1-18.el8_4.1.x86_64.rpm\nlibcurl-devel-7.61.1-18.el8_4.1.i686.rpm\nlibcurl-devel-7.61.1-18.el8_4.1.x86_64.rpm\nlibcurl-minimal-7.61.1-18.el8_4.1.i686.rpm\nlibcurl-minimal-7.61.1-18.el8_4.1.x86_64.rpm\nlibcurl-minimal-debuginfo-7.61.1-18.el8_4.1.i686.rpm\nlibcurl-minimal-debuginfo-7.61.1-18.el8_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-22922\nhttps://access.redhat.com/security/cve/CVE-2021-22923\nhttps://access.redhat.com/security/cve/CVE-2021-22924\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYUmbl9zjgjWX9erEAQi0VRAAkVIQKLPCBEK+Dy1js5VwXXZssOhvgmm/\nxe9piCdrgBrbILxPEY0hkPYCmw3hKsRWD3FCMou6275HUJydJQpqANDmP/msUZOE\nLYJcM6cMWR7/2HWtgx6BQ5z6PZte+vzetzoHPDjI8O25kqd+BfT6JN0wCzKUQrUO\nauFPz1Sqj3UG1PHB62fSBJ4MpmRrCtJJh/Q84Rfp2JilVmsCpAOCm+gHEye3tu49\nyF0fSA+JLS9Ut1XzaktucevPiwApj2dmxuagGFftvPzaP+cMz5V7Hv5akI89uapk\nL+Q4T37Fx53MQg+CAI1uDg2jxkfk96fijCoM2oczsQW4Np0HWH2tyAkg9+gJCB3h\nKScu9RXUr3uYCSoy9zyurEceoGbJWDRvh9B/0BNhY6ywjG+c/+bXAJDDs0pA049g\nCkpJERsNGhgXgDm+ONgVwxaHDRKlcX6wYTgyWfAw9qOLmhZrQbhfSzt9ebhpd0HL\nAvv8qpCjtxTx5E9QBAlnDcUCb3cqQkD3/j9y9I4zAtAFoF6oWQ4xqQO8cJqGNPZ/\nqztENtA7CKd0bgYEPOuujdWtTnK/s3iww+LRkCuzHNzNneQGeSziZJfB38rlKCLq\nlZHwCRl0EYrfcjBziwR6LLbpEe2u6vdsQKDfPXHuld+wfgYTTmtxhTVPMy8FKSf5\nTuOJZuxQys4=\n=DwWr\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://listman.redhat.com/mailman/listinfo/rhsa-announce\n. Summary:\n\nThe Migration Toolkit for Containers (MTC) 1.6.0 is now available. Description:\n\nThe Migration Toolkit for Containers (MTC) enables you to migrate\nKubernetes resources, persistent volume data, and internal container images\nbetween OpenShift Container Platform clusters, using the MTC web console or\nthe Kubernetes API. Bugs fixed (https://bugzilla.redhat.com/):\n\n1878824 - Web console is not accessible when deployed on OpenShift cluster on IBM Cloud\n1887526 - \"Stage\" pods fail when migrating from classic OpenShift source cluster on IBM Cloud with block storage\n1899562 - MigMigration custom resource does not display an error message when a migration fails because of volume mount error\n1936886 - Service account token of existing remote cluster cannot be updated by using the web console\n1936894 - \"Ready\" status of MigHook and MigPlan custom resources is not synchronized automatically\n1949117 - \"Migration plan resources\" page displays a permanent error message when a migration plan is deleted from the backend\n1951869 - MigPlan custom resource does not detect invalid source cluster reference\n1968621 - Paused deployment config causes a migration to hang\n1970338 - Parallel migrations fail because the initial backup is missing\n1974737 - Migration plan name length in the \"Migration plan\" wizard is not validated\n1975369 - \"Debug view\" link text on \"Migration plans\" page can be improved\n1975372 - Destination namespace in MigPlan custom resource is not validated\n1976895 - Namespace mapping cannot be changed using the Migration Plan wizard\n1981810 - \"Excluded\" resources are not excluded from the migration\n1982026 - Direct image migration fails if the source URI contains a double slash (\"//\")\n1994985 - Web console crashes when a MigPlan custom resource is created with an empty namespaces list\n1996169 - When \"None\" is selected as the target storage class in the web console, the setting is ignored and the default storage class is used\n1996627 - MigPlan custom resource displays a \"PvUsageAnalysisFailed\" warning after a successful PVC migration\n1996784 - \"Migration resources\" tree on the \"Migration details\" page is not displayed\n1996902 - \"Select all\" checkbox on the \"Namespaces\" page of the \"Migration plan\" wizard remains selected after a namespace is unselected\n1996904 - \"Migration\" dialogs on the \"Migration plans\" page display inconsistent capitalization\n1996906 - \"Migration details\" page link is displayed for a migration plan with no associated migrations\n1996938 - Search function on \"Migration plans\" page displays no results\n1997051 - Indirect migration from MTC 1.5.1 to 1.6.0 fails during \"StageBackup\" phase\n1997127 - Direct volume migration \"retry\" feature does not work correctly after a network failure\n1997173 - Migration of custom resource definitions to OpenShift Container Platform 4.9 fails because of API version incompatibility\n1997180 - \"migration-log-reader\" pod does not log invalid Rsync options\n1997665 - Selected PVCs in the \"State migration\" dialog are reset because of background polling\n1997694 - \"Update operator\" link on the \"Clusters\" page is incorrect\n1997827 - \"Migration plan\" wizard displays PVC names incorrectly formatted after running state migration\n1998062 - Rsync pod uses upstream image\n1998283 - \"Migration step details\" link on the \"Migrations\" page does not work\n1998550 - \"Migration plan\" wizard does not support certain screen resolutions\n1998581 - \"Migration details\" link on \"Migration plans\" page displays \"latestIsFailed\" error\n1999113 - \"oc describe\" and \"oc log\" commands on \"Migration resources\" tree cannot be copied after failed migration\n1999381 - MigPlan custom resource displays \"Stage completed with warnings\" status after successful migration\n1999528 - Position of the \"Add migration plan\" button is different from the other \"Add\" buttons\n1999765 - \"Migrate\" button on \"State migration\" dialog is enabled when no PVCs are selected\n1999784 - CVE-2021-3749 nodejs-axios: Regular expression denial of service in trim function\n2000205 - \"Options\" menu on the \"Migration details\" page displays incorrect items\n2000218 - Validation incorrectly blocks namespace mapping if a source cluster namespace is the same as the destination namespace\n2000243 - \"Migration plan\" wizard does not allow a migration within the same cluster\n2000644 - Invalid migration plan causes \"controller\" pod to crash\n2000875 - State migration status on \"Migrations\" page displays \"Stage succeeded\" message\n2000979 - \"clusterIPs\" parameter of \"service\" object can cause Velero errors\n2001089 - Direct volume migration fails because of missing CA path configuration\n2001173 - Migration plan requires two clusters\n2001786 - Migration fails during \"Stage Backup\" step because volume path on host not found\n2001829 - Migration does not complete when the namespace contains a cron job with a PVC\n2001941 - Fixing PVC conflicts in state migration plan using the web console causes the migration to run twice\n2002420 - \"Stage\" pod not created for completed application pod, causing the \"mig-controller\" to stall\n2002608 - Migration of unmounted PVC fails during \"StageBackup\" phase\n2002897 - Rollback migration does not complete when the namespace contains a cron job\n2003603 - \"View logs\" dialog displays the \"--selector\" option, which does not print all logs\n2004601 - Migration plan status on \"Migration plans\" page is \"Ready\" after migration completed with warnings\n2004923 - Web console displays \"New operator version available\" notification for incorrect operator\n2005143 - Combining Rsync and Stunnel in a single pod can degrade performance\n2006316 - Web console cannot create migration plan in a proxy environment\n2007175 - Web console cannot be launched in a proxy environment\n\n5. JIRA issues fixed (https://issues.jboss.org/):\n\nMIG-785 - Search for \"Crane\" in the Operator Hub should display the Migration Toolkit for Containers\n\n6. Summary:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.1.11 General\nAvailability release images, which provide a security fix and update the\ncontainer images. Description:\n\nRed Hat Advanced Cluster Management for Kubernetes 2.1.11 images\n\nRed Hat Advanced Cluster Management for Kubernetes provides the\ncapabilities to address common challenges that administrators and site\nreliability engineers face as they work across a range of public and\nprivate cloud environments. Clusters and applications are all visible and\nmanaged from a single console\u2014with security policy built in. \n\nThis advisory contains updates to one or more container images for Red Hat\nAdvanced Cluster Management for Kubernetes. \n\nContainer updates:\n\n* RHACM 2.1.11 images (BZ# 1999375)\n\n3. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. To apply this upgrade,\nyou \nmust upgrade your OpenShift Container Platform version to 4.6, or later. Bugs fixed (https://bugzilla.redhat.com/):\n\n1963121 - CVE-2021-23017 nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name\n1999375 - RHACM 2.1.11 images\n\n5. These flaws may allow remote attackers to obtain sensitive\ninformation, leak authentication or cookie header data or facilitate a\ndenial of service attack. \n\nFor the stable distribution (bullseye), these problems have been fixed in\nversion 7.74.0-1.3+deb11u2. \n\nWe recommend that you upgrade your curl packages. \n\nFor the detailed security status of curl please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/curl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n-----BEGIN PGP SIGNATURE-----\n\niQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmLoBaNfFIAAAAAALgAo\naXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD\nRjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7\nUeTf9A//VWkco2gxCMMe8JDcL9sLD0B5L8KGRxbPBYmpE1l2kCpiW9QGVwCN3q2K\ni8xo0jmRxSwSXDmAE17aTtGT66vU8vQSHewty031TcvWKBoAJpKRTbazfdOy/vDD\nwaofTEaUClFt3NNiR3gigRU6OFV/9MWlUWwCJ/Wgd5osJTQCyWV/iHz3FJluc1Gp\nrXamYLnWGUJbIZgMFEo7TqIyb91P0PrX4hpnCcnhvY4ci5NWOj2qaoWGhgF+f9gz\nUao91GTOnuTyoY3apKzifdO5dih9zJttnRKUgHkn9YCGxanljoPjHRYOavWdN6bE\nyIpT/Xw2dy05Fzydb73bDurQP+mkyWGZA+S8gxtbY7S7OylRS9iHSfyUpAVEM/Ab\nSPkGQl6vBKr7dmyHkdIlbViste6kcmhQQete9E3tM18MkyK0NbBiUj+pShNPC+SF\nREStal14ZE+DSwFKp5UA8izEh0G5RC5VUVhB/jtoxym2rvmIamk5YqCS1rupGP9R\n1Y+Jm8CywBrKHl5EzAVUswC5xDAArWdXRvrgHCeElnkwuCwRC8AgRiYFFRulWKwt\nTV5qveehnzSc2z5IDc/tdiPWNJhJu/blNN8BauG8zmJV4ZhZP9EO1FCLE7DpqQ38\nEPtUTMXaMQR1W15He51auBQwJgSiX1II+5jh6PeZTKBKnJgLYNA=\n=3E71\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-22924"
},
{
"db": "VULHUB",
"id": "VHN-381398"
},
{
"db": "VULMON",
"id": "CVE-2021-22924"
},
{
"db": "PACKETSTORM",
"id": "163637"
},
{
"db": "PACKETSTORM",
"id": "164523"
},
{
"db": "PACKETSTORM",
"id": "164562"
},
{
"db": "PACKETSTORM",
"id": "164511"
},
{
"db": "PACKETSTORM",
"id": "164583"
},
{
"db": "PACKETSTORM",
"id": "164221"
},
{
"db": "PACKETSTORM",
"id": "164342"
},
{
"db": "PACKETSTORM",
"id": "164282"
},
{
"db": "PACKETSTORM",
"id": "164948"
},
{
"db": "PACKETSTORM",
"id": "169318"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-22924",
"trust": 2.8
},
{
"db": "SIEMENS",
"id": "SSA-732250",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-484086",
"trust": 1.7
},
{
"db": "SIEMENS",
"id": "SSA-389290",
"trust": 1.7
},
{
"db": "HACKERONE",
"id": "1223565",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "164948",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "164583",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "164755",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "163637",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "164523",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "164562",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "164511",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "164221",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "164342",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "164282",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "169318",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2021.3211",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.4266",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3941",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3878",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3472",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3430",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2473",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3485",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1637",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2526",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.2755",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3167",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2023.3146",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3499",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.3649",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022042566",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021092811",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021072212",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021112309",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021110313",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021080210",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021090834",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021092221",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021072814",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2021102116",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022031104",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "166714",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "164555",
"trust": 0.6
},
{
"db": "ICS CERT",
"id": "ICSA-22-132-13",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1569",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "165008",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-381398",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-22924",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-381398"
},
{
"db": "VULMON",
"id": "CVE-2021-22924"
},
{
"db": "PACKETSTORM",
"id": "163637"
},
{
"db": "PACKETSTORM",
"id": "164523"
},
{
"db": "PACKETSTORM",
"id": "164562"
},
{
"db": "PACKETSTORM",
"id": "164511"
},
{
"db": "PACKETSTORM",
"id": "164583"
},
{
"db": "PACKETSTORM",
"id": "164221"
},
{
"db": "PACKETSTORM",
"id": "164342"
},
{
"db": "PACKETSTORM",
"id": "164282"
},
{
"db": "PACKETSTORM",
"id": "164948"
},
{
"db": "PACKETSTORM",
"id": "169318"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1569"
},
{
"db": "NVD",
"id": "CVE-2021-22924"
}
]
},
"id": "VAR-202108-2222",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-381398"
}
],
"trust": 0.7410993499999999
},
"last_update_date": "2024-09-19T20:42:00.776000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Arch Linux Repair measures for trust management problem vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=157203"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2021-22924 log"
},
{
"title": "Arch Linux Advisories: [ASA-202107-61] libcurl-compat: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202107-61"
},
{
"title": "Arch Linux Advisories: [ASA-202107-60] lib32-curl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202107-60"
},
{
"title": "Arch Linux Advisories: [ASA-202107-64] lib32-libcurl-gnutls: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202107-64"
},
{
"title": "Arch Linux Advisories: [ASA-202107-62] lib32-libcurl-compat: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202107-62"
},
{
"title": "Arch Linux Advisories: [ASA-202107-63] libcurl-gnutls: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202107-63"
},
{
"title": "Arch Linux Advisories: [ASA-202107-59] curl: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-202107-59"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-22924"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1569"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-706",
"trust": 1.1
},
{
"problemtype": "CWE-20",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-381398"
},
{
"db": "NVD",
"id": "CVE-2021-22924"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"
},
{
"trust": 1.7,
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-732250.pdf"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20210902-0003/"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2022/dsa-5197"
},
{
"trust": 1.7,
"url": "https://hackerone.com/reports/1223565"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"trust": 1.7,
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html"
},
{
"trust": 1.4,
"url": "https://access.redhat.com/security/cve/cve-2021-22924"
},
{
"trust": 1.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22924"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3cdev.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc%40%3cusers.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3cdev.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7%40%3cusers.kafka.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/frucw2uvnyudzf72dqlfqr4pjec6cf7v/"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22922"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22923"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2021-22922"
},
{
"trust": 0.8,
"url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2021-22923"
},
{
"trust": 0.8,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/frucw2uvnyudzf72dqlfqr4pjec6cf7v/"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3cdev.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3cdev.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/r61db8e7dcb56dc000a5387a88f7a473bacec5ee01b9ff3f55308aacc@%3cusers.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://lists.apache.org/thread.html/rbf4ce74b0d1fa9810dec50ba3ace0caeea677af7c27a97111c06ccb7@%3cusers.kafka.apache.org%3e"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2021-36222"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2021-37750"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-36222"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-37750"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164342/red-hat-security-advisory-2021-3694-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164282/red-hat-security-advisory-2021-3653-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022042566"
},
{
"trust": 0.6,
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-22-132-13"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2755"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021112309"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164555/red-hat-security-advisory-2021-3917-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164755/red-hat-security-advisory-2021-4104-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3649"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2023.3146"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3211"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164523/red-hat-security-advisory-2021-3873-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3430"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3472"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021072814"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3499"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021080210"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164221/red-hat-security-advisory-2021-3582-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164511/red-hat-security-advisory-2021-3851-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164583/red-hat-security-advisory-2021-3949-01.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/curl-information-disclosure-via-connection-reuse-35955"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2526"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021092221"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3878"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021072212"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021110313"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164948/red-hat-security-advisory-2021-4618-01.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/6495409"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3167"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/169318/debian-security-advisory-5197-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.2473"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021092811"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3485"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/163637/ubuntu-security-notice-usn-5021-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.3941"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166714/red-hat-security-advisory-2022-1354-01.html"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021090834"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/164562/red-hat-security-advisory-2021-3925-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.4266"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1637"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2021102116"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022031104"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3653"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_mana"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2021-3653"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-32626"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-32687"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32626"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32675"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23017"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-32675"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-41099"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32627"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32687"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32628"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32672"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-23017"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-32627"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-32672"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2021-32628"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-41099"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-3656"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3656"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-37576"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2021-37576"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22898"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22543"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-23840"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-22543"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-4658"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2016-4658"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32690"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-32690"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23841"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-23841"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23840"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2021-3749"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22947"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22946"
},
{
"trust": 0.1,
"url": "http://seclists.org/oss-sec/2021/q3/26"
},
{
"trust": 0.1,
"url": "https://security.archlinux.org/cve-2021-22924"
},
{
"trust": 0.1,
"url": "https://security.archlinux.org/asa-202107-61"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/curl/7.74.0-1ubuntu2.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/curl/7.58.0-2ubuntu3.14"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5021-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22925"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.6"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-23434"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3873"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-23434"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21670"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-25648"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21670"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-25741"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-25648"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-21671"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3925"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-21671"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-25741"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3715"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8912"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-8911"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-27218"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3442"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8911"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3715"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-27218"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3442"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-8912"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/documentation/en-us/red_hat_3scale_api_management"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3851"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3949"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3582"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.1,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.1,
"url": "https://docs.openshift.com/container-platform/4.8/migration_toolkit_for_con"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-38201"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-38201"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3694"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3749"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-27777"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-29154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-31535"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:3653"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32399"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-29650"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-27777"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-29154"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-32399"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-29650"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22555"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-31535"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-22555"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33929"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-0512"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-32803"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3733"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33930"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3711"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2021:4618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3733"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2020-36385"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3712"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-32804"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33623"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33938"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33929"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36385"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32804"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-22947"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-0512"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-3711"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33930"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33623"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-22946"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33928"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3712"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-33938"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-32803"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2021-33928"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27782"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32205"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27775"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32206"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27774"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-32207"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27781"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-27776"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/curl"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2022-22576"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-22945"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-381398"
},
{
"db": "VULMON",
"id": "CVE-2021-22924"
},
{
"db": "PACKETSTORM",
"id": "163637"
},
{
"db": "PACKETSTORM",
"id": "164523"
},
{
"db": "PACKETSTORM",
"id": "164562"
},
{
"db": "PACKETSTORM",
"id": "164511"
},
{
"db": "PACKETSTORM",
"id": "164583"
},
{
"db": "PACKETSTORM",
"id": "164221"
},
{
"db": "PACKETSTORM",
"id": "164342"
},
{
"db": "PACKETSTORM",
"id": "164282"
},
{
"db": "PACKETSTORM",
"id": "164948"
},
{
"db": "PACKETSTORM",
"id": "169318"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1569"
},
{
"db": "NVD",
"id": "CVE-2021-22924"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-381398"
},
{
"db": "VULMON",
"id": "CVE-2021-22924"
},
{
"db": "PACKETSTORM",
"id": "163637"
},
{
"db": "PACKETSTORM",
"id": "164523"
},
{
"db": "PACKETSTORM",
"id": "164562"
},
{
"db": "PACKETSTORM",
"id": "164511"
},
{
"db": "PACKETSTORM",
"id": "164583"
},
{
"db": "PACKETSTORM",
"id": "164221"
},
{
"db": "PACKETSTORM",
"id": "164342"
},
{
"db": "PACKETSTORM",
"id": "164282"
},
{
"db": "PACKETSTORM",
"id": "164948"
},
{
"db": "PACKETSTORM",
"id": "169318"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1569"
},
{
"db": "NVD",
"id": "CVE-2021-22924"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-08-05T00:00:00",
"db": "VULHUB",
"id": "VHN-381398"
},
{
"date": "2021-07-22T23:15:11",
"db": "PACKETSTORM",
"id": "163637"
},
{
"date": "2021-10-15T15:06:44",
"db": "PACKETSTORM",
"id": "164523"
},
{
"date": "2021-10-20T15:45:47",
"db": "PACKETSTORM",
"id": "164562"
},
{
"date": "2021-10-14T15:19:59",
"db": "PACKETSTORM",
"id": "164511"
},
{
"date": "2021-10-21T15:31:47",
"db": "PACKETSTORM",
"id": "164583"
},
{
"date": "2021-09-21T15:40:44",
"db": "PACKETSTORM",
"id": "164221"
},
{
"date": "2021-09-30T16:27:16",
"db": "PACKETSTORM",
"id": "164342"
},
{
"date": "2021-09-24T15:49:04",
"db": "PACKETSTORM",
"id": "164282"
},
{
"date": "2021-11-12T17:01:04",
"db": "PACKETSTORM",
"id": "164948"
},
{
"date": "2022-08-28T19:12:00",
"db": "PACKETSTORM",
"id": "169318"
},
{
"date": "2021-07-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202107-1569"
},
{
"date": "2021-08-05T21:15:11.380000",
"db": "NVD",
"id": "CVE-2021-22924"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-10-28T00:00:00",
"db": "VULHUB",
"id": "VHN-381398"
},
{
"date": "2023-06-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202107-1569"
},
{
"date": "2024-03-27T15:11:45.923000",
"db": "NVD",
"id": "CVE-2021-22924"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "163637"
},
{
"db": "PACKETSTORM",
"id": "169318"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-1569"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libcurl Resource Management Error Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202107-1569"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202107-1569"
}
],
"trust": 0.6
}
}
cve-2022-34820
Vulnerability from cvelistv5
Published
2022-07-12 10:07
Modified
2025-04-21 13:51
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). The application does not correctly escape some user provided fields during the authentication process. This could allow an attacker to inject custom commands and execute arbitrary code with elevated privileges.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:22:10.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34820",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:22:59.563603Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T13:51:29.230Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE EU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE US",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.22"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543SP-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1543-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.22"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). The application does not correctly escape some user provided fields during the authentication process. This could allow an attacker to inject custom commands and execute arbitrary code with elevated privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:30:39.103Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-34820",
"datePublished": "2022-07-12T10:07:29.000Z",
"dateReserved": "2022-06-29T00:00:00.000Z",
"dateUpdated": "2025-04-21T13:51:29.230Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34819
Vulnerability from cvelistv5
Published
2022-07-12 10:07
Modified
2025-04-21 13:51
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0 < V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46). The application lacks proper validation of user-supplied data when parsing specific messages. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of device.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:22:10.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34819",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:11:00.365420Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T13:51:38.353Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE EU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE US",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.22"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543SP-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003e= V2.0 \u003c V2.2.28"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1543-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.22"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions \u003c V3.3.46), SIMATIC CP 1243-1 (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions \u003c V3.3.46), SIMATIC CP 1243-7 LTE US (All versions \u003c V3.3.46), SIMATIC CP 1243-8 IRC (All versions \u003c V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions \u003e= V2.0 \u003c V2.2.28), SIMATIC CP 1543-1 (All versions \u003c V3.0.22), SIMATIC CP 1543SP-1 (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions \u003e= V2.0 \u003c V2.2.28), SIPLUS NET CP 1242-7 V2 (All versions \u003c V3.3.46), SIPLUS NET CP 1543-1 (All versions \u003c V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions \u003c V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions \u003c V3.3.46). The application lacks proper validation of user-supplied data when parsing specific messages. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 10,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-14T09:30:37.921Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-34819",
"datePublished": "2022-07-12T10:07:27.000Z",
"dateReserved": "2022-06-29T00:00:00.000Z",
"dateUpdated": "2025-04-21T13:51:38.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-34821
Vulnerability from cvelistv5
Published
2022-07-12 00:00
Modified
2025-04-21 13:52
Severity ?
7.6 (High) - CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
8.8 (High) - CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2), SCALANCE M804PB (6GK5804-0AP00-2AA2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2), SCALANCE M874-2 (6GK5874-2AA00-2AA2), SCALANCE M874-3 (6GK5874-3AA00-2AA2), SCALANCE M876-3 (6GK5876-3AA02-2BA2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2), SCALANCE M876-4 (6GK5876-4AA10-2BA2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2), SCALANCE SC622-2C (6GK5622-2GS00-2AC2), SCALANCE SC622-2C (6GK5622-2GS00-2AC2), SCALANCE SC626-2C (6GK5626-2GS00-2AC2), SCALANCE SC626-2C (6GK5626-2GS00-2AC2), SCALANCE SC632-2C (6GK5632-2GS00-2AC2), SCALANCE SC632-2C (6GK5632-2GS00-2AC2), SCALANCE SC636-2C (6GK5636-2GS00-2AC2), SCALANCE SC636-2C (6GK5636-2GS00-2AC2), SCALANCE SC642-2C (6GK5642-2GS00-2AC2), SCALANCE SC642-2C (6GK5642-2GS00-2AC2), SCALANCE SC646-2C (6GK5646-2GS00-2AC2), SCALANCE SC646-2C (6GK5646-2GS00-2AC2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0), SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:22:10.733Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-34821",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-18T15:23:16.425380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-21T13:52:26.030Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) NAM",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M804PB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M826-2 SHDSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3 (ROK)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (NAM)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (RoW)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 EEC LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V7.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC622-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC622-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0",
"status": "affected",
"version": "V2.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC626-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC626-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0",
"status": "affected",
"version": "V2.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC632-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC632-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0",
"status": "affected",
"version": "V2.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC636-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC636-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0",
"status": "affected",
"version": "V2.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC642-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC642-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0",
"status": "affected",
"version": "V2.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC646-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE SC646-2C",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0",
"status": "affected",
"version": "V2.3",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAB762-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM763-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM763-1 (ME)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM763-1 (US)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 (ME)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 (US)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 EEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 EEC (ME)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WAM766-1 EEC (US)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUB762-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUB762-1 iFeatures",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM763-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM763-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM763-1 (US)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM763-1 (US)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM766-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM766-1 (ME)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE WUM766-1 (USA)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE EU",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE US",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2.28",
"status": "affected",
"version": "V2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.22"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2.28",
"status": "affected",
"version": "V2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2.28",
"status": "affected",
"version": "V2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2.28",
"status": "affected",
"version": "V2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.2.28",
"status": "affected",
"version": "V2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1242-7 V2",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1543-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.0.22"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS S7-1200 CP 1243-1 RAIL",
"vendor": "Siemens",
"versions": [
{
"status": "affected",
"version": "All versions \u003c V3.3.46"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2), SCALANCE M804PB (6GK5804-0AP00-2AA2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2), SCALANCE M874-2 (6GK5874-2AA00-2AA2), SCALANCE M874-3 (6GK5874-3AA00-2AA2), SCALANCE M876-3 (6GK5876-3AA02-2BA2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2), SCALANCE M876-4 (6GK5876-4AA10-2BA2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2), SCALANCE SC622-2C (6GK5622-2GS00-2AC2), SCALANCE SC622-2C (6GK5622-2GS00-2AC2), SCALANCE SC626-2C (6GK5626-2GS00-2AC2), SCALANCE SC626-2C (6GK5626-2GS00-2AC2), SCALANCE SC632-2C (6GK5632-2GS00-2AC2), SCALANCE SC632-2C (6GK5632-2GS00-2AC2), SCALANCE SC636-2C (6GK5636-2GS00-2AC2), SCALANCE SC636-2C (6GK5636-2GS00-2AC2), SCALANCE SC642-2C (6GK5642-2GS00-2AC2), SCALANCE SC642-2C (6GK5642-2GS00-2AC2), SCALANCE SC646-2C (6GK5646-2GS00-2AC2), SCALANCE SC646-2C (6GK5646-2GS00-2AC2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0), SIMATIC CP 1242-7 V2 (6GK7242-7KX31-0XE0), SIMATIC CP 1243-1 (6GK7243-1BX30-0XE0), SIMATIC CP 1243-7 LTE EU (6GK7243-7KX30-0XE0), SIMATIC CP 1243-7 LTE US (6GK7243-7SX30-0XE0), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0), SIPLUS NET CP 1242-7 V2 (6AG1242-7KX31-7XE0), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0), SIPLUS S7-1200 CP 1243-1 (6AG1243-1BX30-2AX0), SIPLUS S7-1200 CP 1243-1 RAIL (6AG2243-1BX30-1XE0). By injecting code to specific configuration options for OpenVPN, an attacker could execute arbitrary code with elevated privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T10:26:58.220Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-413565.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-517377.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-413565.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2022-34821",
"datePublished": "2022-07-12T00:00:00.000Z",
"dateReserved": "2022-06-29T00:00:00.000Z",
"dateUpdated": "2025-04-21T13:52:26.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38380
Vulnerability from cvelistv5
Published
2023-12-12 11:26
Modified
2024-08-02 17:39
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions < V3.4.29), SIMATIC CP 1243-7 LTE (All versions < V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions < V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions < V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions < V2.3), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions < V3.0.37), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions < V2.3), SINAMICS S210 (6SL5...) (All versions >= V6.1 < V6.1 HF2), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions < V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions < V2.3), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions < V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used.
An attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:39:13.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-625862.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1242-7 V2 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-1 IEC (incl. SIPLUS variants)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-7 LTE",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1243-8 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.4.29",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1542SP-1 IRC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.37",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIMATIC CP 1543SP-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SINAMICS S210 (6SL5...)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V6.1 HF2",
"status": "affected",
"version": "V6.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SIPLUS NET CP 1543-1",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.0.37",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC CP 1242-7 V2 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions \u003c V3.4.29), SIMATIC CP 1243-7 LTE (All versions \u003c V3.4.29), SIMATIC CP 1243-8 IRC (6GK7243-8RX30-0XE0) (All versions \u003c V3.4.29), SIMATIC CP 1542SP-1 (6GK7542-6UX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1542SP-1 IRC (6GK7542-6VX00-0XE0) (All versions \u003c V2.3), SIMATIC CP 1543-1 (6GK7543-1AX00-0XE0) (All versions \u003c V3.0.37), SIMATIC CP 1543SP-1 (6GK7543-6WX00-0XE0) (All versions \u003c V2.3), SINAMICS S210 (6SL5...) (All versions \u003e= V6.1 \u003c V6.1 HF2), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (6AG2542-6VX00-4XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC (6AG1543-6WX00-7XE0) (All versions \u003c V2.3), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (6AG2543-6WX00-4XE0) (All versions \u003c V2.3), SIPLUS NET CP 1543-1 (6AG1543-1AX00-2XE0) (All versions \u003c V3.0.37). The webserver implementation of the affected products does not correctly release allocated memory after it has been used.\r\n\r\nAn attacker with network access could use this vulnerability to cause a denial-of-service condition in the webserver of the affected product."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401: Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-11T14:19:50.234Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-693975.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-693975.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-139628.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-625862.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2023-38380",
"datePublished": "2023-12-12T11:26:36.173Z",
"dateReserved": "2023-07-17T13:06:36.758Z",
"dateUpdated": "2024-08-02T17:39:13.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}