CVE-2022-29877

EPSS 0.27%
Published 20.05.2022 13:15:16
Last modified 21.11.2024 06:59:52
Source productcert@siemens.com
Teams watchlist Login
Open Login

A vulnerability has been identified in SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P850 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00), SICAM P855 (All versions < V3.00). Affected devices allow unauthenticated access to the web interface configuration area. This could allow an attacker to extract internal configuration details or to reconfigure network settings. However, the reconfigured settings cannot be activated unless the role of an authenticated administrator user.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Siemens ≫ 7kg8500-0aa00-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8500-0aa00-0aa0 Version-

Siemens ≫ 7kg8500-0aa00-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8500-0aa00-2aa0 Version-

Siemens ≫ 7kg8500-0aa10-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8500-0aa10-0aa0 Version-

Siemens ≫ 7kg8500-0aa10-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8500-0aa10-2aa0 Version-

Siemens ≫ 7kg8500-0aa30-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8500-0aa30-0aa0 Version-

Siemens ≫ 7kg8500-0aa30-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8500-0aa30-2aa0 Version-

Siemens ≫ 7kg8501-0aa01-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa01-0aa0 Version-

Siemens ≫ 7kg8501-0aa01-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa01-2aa0 Version-

Siemens ≫ 7kg8501-0aa02-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa02-0aa0 Version-

Siemens ≫ 7kg8501-0aa02-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa02-2aa0 Version-

Siemens ≫ 7kg8501-0aa11-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa11-0aa0 Version-

Siemens ≫ 7kg8501-0aa11-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa11-2aa0 Version-

Siemens ≫ 7kg8501-0aa12-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa12-0aa0 Version-

Siemens ≫ 7kg8501-0aa12-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa12-2aa0 Version-

Siemens ≫ 7kg8501-0aa31-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa31-0aa0 Version-

Siemens ≫ 7kg8501-0aa31-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa31-2aa0 Version-

Siemens ≫ 7kg8501-0aa32-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa32-0aa0 Version-

Siemens ≫ 7kg8501-0aa32-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8501-0aa32-2aa0 Version-

Siemens ≫ 7kg8550-0aa00-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8550-0aa00-0aa0 Version-

Siemens ≫ 7kg8550-0aa00-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8550-0aa00-2aa0 Version-

Siemens ≫ 7kg8550-0aa10-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8550-0aa10-0aa0 Version-

Siemens ≫ 7kg8550-0aa10-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8550-0aa10-2aa0 Version-

Siemens ≫ 7kg8550-0aa30-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8550-0aa30-0aa0 Version-

Siemens ≫ 7kg8550-0aa30-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8550-0aa30-2aa0 Version-

Siemens ≫ 7kg8551-0aa01-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa01-0aa0 Version-

Siemens ≫ 7kg8551-0aa01-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa01-2aa0 Version-

Siemens ≫ 7kg8551-0aa02-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa02-0aa0 Version-

Siemens ≫ 7kg8551-0aa02-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa02-2aa0 Version-

Siemens ≫ 7kg8551-0aa11-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa11-0aa0 Version-

Siemens ≫ 7kg8551-0aa11-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa11-2aa0 Version-

Siemens ≫ 7kg8551-0aa12-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa12-0aa0 Version-

Siemens ≫ 7kg8551-0aa12-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa12-2aa0 Version-

Siemens ≫ 7kg8551-0aa31-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa31-0aa0 Version-

Siemens ≫ 7kg8551-0aa31-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa31-2aa0 Version-

Siemens ≫ 7kg8551-0aa32-0aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa32-0aa0 Version-

Siemens ≫ 7kg8551-0aa32-2aa0 Firmware Version < 3.00

Siemens ≫ 7kg8551-0aa32-2aa0 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.27%	0.503

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.5	3.9	2.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

https://cert-portal.siemens.com/productcert/pdf/ssa-165073.pdf

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-29877

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-29877

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-29877

EUVD