CVE-2022-29877 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2022-29877

Analyzed

More Info Official Page

Source-productcert@siemens.com

Published At-20 May, 2022 | 13:15

Updated At-02 Jun, 2022 | 13:50

A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices allow unauthenticated access to the web interface configuration area. This could allow an attacker to extract internal configuration details or to reconfigure network settings. However, the reconfigured settings cannot be activated unless the role of an authenticated administrator user.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Primary	2.0	6.4	MEDIUM	AV:N/AC:L/Au:N/C:P/I:P/A:N

Type: Primary

Version: 3.1

Base score: 6.5

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Type: Primary

Version: 2.0

Base score: 6.4

Base severity: MEDIUM

Vector:

AV:N/AC:L/Au:N/C:P/I:P/A:N

CPE Matches

>>7kg8500-0aa00-0aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8500-0aa00-0aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8500-0aa00-0aa0>>-

cpe:2.3:h:siemens:7kg8500-0aa00-0aa0:-:*:*:*:*:*:*:*

>>7kg8500-0aa00-2aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8500-0aa00-2aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8500-0aa00-2aa0>>-

cpe:2.3:h:siemens:7kg8500-0aa00-2aa0:-:*:*:*:*:*:*:*

>>7kg8500-0aa10-0aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8500-0aa10-0aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8500-0aa10-0aa0>>-

cpe:2.3:h:siemens:7kg8500-0aa10-0aa0:-:*:*:*:*:*:*:*

>>7kg8500-0aa10-2aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8500-0aa10-2aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8500-0aa10-2aa0>>-

cpe:2.3:h:siemens:7kg8500-0aa10-2aa0:-:*:*:*:*:*:*:*

>>7kg8500-0aa30-0aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8500-0aa30-0aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8500-0aa30-0aa0>>-

cpe:2.3:h:siemens:7kg8500-0aa30-0aa0:-:*:*:*:*:*:*:*

>>7kg8500-0aa30-2aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8500-0aa30-2aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8500-0aa30-2aa0>>-

cpe:2.3:h:siemens:7kg8500-0aa30-2aa0:-:*:*:*:*:*:*:*

>>7kg8501-0aa01-0aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8501-0aa01-0aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8501-0aa01-0aa0>>-

cpe:2.3:h:siemens:7kg8501-0aa01-0aa0:-:*:*:*:*:*:*:*

>>7kg8501-0aa01-2aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8501-0aa01-2aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8501-0aa01-2aa0>>-

cpe:2.3:h:siemens:7kg8501-0aa01-2aa0:-:*:*:*:*:*:*:*

>>7kg8501-0aa02-0aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8501-0aa02-0aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8501-0aa02-0aa0>>-

cpe:2.3:h:siemens:7kg8501-0aa02-0aa0:-:*:*:*:*:*:*:*

>>7kg8501-0aa02-2aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8501-0aa02-2aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8501-0aa02-2aa0>>-

cpe:2.3:h:siemens:7kg8501-0aa02-2aa0:-:*:*:*:*:*:*:*

>>7kg8501-0aa11-0aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8501-0aa11-0aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8501-0aa11-0aa0>>-

cpe:2.3:h:siemens:7kg8501-0aa11-0aa0:-:*:*:*:*:*:*:*

>>7kg8501-0aa11-2aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8501-0aa11-2aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8501-0aa11-2aa0>>-

cpe:2.3:h:siemens:7kg8501-0aa11-2aa0:-:*:*:*:*:*:*:*

>>7kg8501-0aa12-0aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8501-0aa12-0aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8501-0aa12-0aa0>>-

cpe:2.3:h:siemens:7kg8501-0aa12-0aa0:-:*:*:*:*:*:*:*

>>7kg8501-0aa12-2aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8501-0aa12-2aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8501-0aa12-2aa0>>-

cpe:2.3:h:siemens:7kg8501-0aa12-2aa0:-:*:*:*:*:*:*:*

>>7kg8501-0aa31-0aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8501-0aa31-0aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8501-0aa31-0aa0>>-

cpe:2.3:h:siemens:7kg8501-0aa31-0aa0:-:*:*:*:*:*:*:*

>>7kg8501-0aa31-2aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8501-0aa31-2aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8501-0aa31-2aa0>>-

cpe:2.3:h:siemens:7kg8501-0aa31-2aa0:-:*:*:*:*:*:*:*

>>7kg8501-0aa32-0aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8501-0aa32-0aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8501-0aa32-0aa0>>-

cpe:2.3:h:siemens:7kg8501-0aa32-0aa0:-:*:*:*:*:*:*:*

>>7kg8501-0aa32-2aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8501-0aa32-2aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8501-0aa32-2aa0>>-

cpe:2.3:h:siemens:7kg8501-0aa32-2aa0:-:*:*:*:*:*:*:*

>>7kg8550-0aa00-0aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8550-0aa00-0aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8550-0aa00-0aa0>>-

cpe:2.3:h:siemens:7kg8550-0aa00-0aa0:-:*:*:*:*:*:*:*

>>7kg8550-0aa00-2aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8550-0aa00-2aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8550-0aa00-2aa0>>-

cpe:2.3:h:siemens:7kg8550-0aa00-2aa0:-:*:*:*:*:*:*:*

>>7kg8550-0aa10-0aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8550-0aa10-0aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8550-0aa10-0aa0>>-

cpe:2.3:h:siemens:7kg8550-0aa10-0aa0:-:*:*:*:*:*:*:*

>>7kg8550-0aa10-2aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8550-0aa10-2aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8550-0aa10-2aa0>>-

cpe:2.3:h:siemens:7kg8550-0aa10-2aa0:-:*:*:*:*:*:*:*

>>7kg8550-0aa30-0aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8550-0aa30-0aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8550-0aa30-0aa0>>-

cpe:2.3:h:siemens:7kg8550-0aa30-0aa0:-:*:*:*:*:*:*:*

>>7kg8550-0aa30-2aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8550-0aa30-2aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8550-0aa30-2aa0>>-

cpe:2.3:h:siemens:7kg8550-0aa30-2aa0:-:*:*:*:*:*:*:*

>>7kg8551-0aa01-0aa0_firmware>>Versions before 3.00(exclusive)

cpe:2.3:o:siemens:7kg8551-0aa01-0aa0_firmware:*:*:*:*:*:*:*:*

>>7kg8551-0aa01-0aa0>>-

cpe:2.3:h:siemens:7kg8551-0aa01-0aa0:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-306	Primary	nvd@nist.gov
CWE-306	Secondary	productcert@siemens.com

CWE ID: CWE-306

Type: Primary

Source: nvd@nist.gov

CWE ID: CWE-306

Type: Secondary

Source: productcert@siemens.com

References

Hyperlink	Source	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf	productcert@siemens.com	Patch Vendor Advisory

Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf

Source: productcert@siemens.com

Resource:

Patch

Vendor Advisory