7.5

CVE-2022-45044

A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.50), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.50), SIPROTEC 5 6MD86 (CP200) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions < V9.50), SIPROTEC 5 6MD89 (CP300) (All versions < V9.64), SIPROTEC 5 6MU85 (CP300) (All versions < V9.50), SIPROTEC 5 7KE85 (CP200) (All versions), SIPROTEC 5 7KE85 (CP300) (All versions < V9.64), SIPROTEC 5 7SA82 (CP100) (All versions), SIPROTEC 5 7SA82 (CP150) (All versions < V9.50), SIPROTEC 5 7SA84 (CP200) (All versions), SIPROTEC 5 7SA86 (CP200) (All versions), SIPROTEC 5 7SA86 (CP300) (All versions < V9.50), SIPROTEC 5 7SA87 (CP200) (All versions), SIPROTEC 5 7SA87 (CP300) (All versions < V9.50), SIPROTEC 5 7SD82 (CP100) (All versions), SIPROTEC 5 7SD82 (CP150) (All versions < V9.50), SIPROTEC 5 7SD84 (CP200) (All versions), SIPROTEC 5 7SD86 (CP200) (All versions), SIPROTEC 5 7SD86 (CP300) (All versions < V9.50), SIPROTEC 5 7SD87 (CP200) (All versions), SIPROTEC 5 7SD87 (CP300) (All versions < V9.50), SIPROTEC 5 7SJ81 (CP100) (All versions < V8.89), SIPROTEC 5 7SJ81 (CP150) (All versions < V9.50), SIPROTEC 5 7SJ82 (CP100) (All versions < V8.89), SIPROTEC 5 7SJ82 (CP150) (All versions < V9.50), SIPROTEC 5 7SJ85 (CP200) (All versions), SIPROTEC 5 7SJ85 (CP300) (All versions < V9.50), SIPROTEC 5 7SJ86 (CP200) (All versions), SIPROTEC 5 7SJ86 (CP300) (All versions < V9.50), SIPROTEC 5 7SK82 (CP100) (All versions < V8.89), SIPROTEC 5 7SK82 (CP150) (All versions < V9.50), SIPROTEC 5 7SK85 (CP200) (All versions), SIPROTEC 5 7SK85 (CP300) (All versions < V9.50), SIPROTEC 5 7SL82 (CP100) (All versions), SIPROTEC 5 7SL82 (CP150) (All versions < V9.50), SIPROTEC 5 7SL86 (CP200) (All versions), SIPROTEC 5 7SL86 (CP300) (All versions < V9.50), SIPROTEC 5 7SL87 (CP200) (All versions), SIPROTEC 5 7SL87 (CP300) (All versions < V9.50), SIPROTEC 5 7SS85 (CP200) (All versions), SIPROTEC 5 7SS85 (CP300) (All versions < V9.50), SIPROTEC 5 7ST85 (CP200) (All versions), SIPROTEC 5 7ST85 (CP300) (All versions < V9.64), SIPROTEC 5 7ST86 (CP300) (All versions < V9.64), SIPROTEC 5 7SX82 (CP150) (All versions < V9.50), SIPROTEC 5 7SX85 (CP300) (All versions < V9.50), SIPROTEC 5 7UM85 (CP300) (All versions < V9.50), SIPROTEC 5 7UT82 (CP100) (All versions), SIPROTEC 5 7UT82 (CP150) (All versions < V9.50), SIPROTEC 5 7UT85 (CP200) (All versions), SIPROTEC 5 7UT85 (CP300) (All versions < V9.50), SIPROTEC 5 7UT86 (CP200) (All versions), SIPROTEC 5 7UT86 (CP300) (All versions < V9.50), SIPROTEC 5 7UT87 (CP200) (All versions), SIPROTEC 5 7UT87 (CP300) (All versions < V9.50), SIPROTEC 5 7VE85 (CP300) (All versions < V9.50), SIPROTEC 5 7VK87 (CP200) (All versions), SIPROTEC 5 7VK87 (CP300) (All versions < V9.50), SIPROTEC 5 7VU85 (CP300) (All versions < V9.50), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions < V9.50 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BA-2EL (All versions installed on CP200 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V8.89 installed on CP100 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions < V9.50 installed on CP150 and CP300 devices), SIPROTEC 5 Communication Module ETH-BB-2FO (All versions installed on CP200 devices), SIPROTEC 5 Communication Module ETH-BD-2FO (All versions < V9.50), SIPROTEC 5 Compact 7SX800 (CP050) (All versions < V9.50). Affected devices do not properly restrict secure client-initiated renegotiations within the SSL and TLS protocols. This could allow an attacker to create a denial of service condition on the ports 443/tcp and 4443/tcp for the duration of the attack.

Data is provided by the National Vulnerability Database (NVD)
SiemensSiprotec 5 6md85 Firmware Version-
   SiemensSiprotec 5 6md85 Versioncp200
SiemensSiprotec 5 6md85 Firmware Version-
   SiemensSiprotec 5 6md85 Versioncp300
SiemensSiprotec 5 6md86 Firmware Version-
   SiemensSiprotec 5 6md86 Versioncp200
SiemensSiprotec 5 6md86 Firmware Version-
   SiemensSiprotec 5 6md86 Versioncp300
SiemensSiprotec 5 6md89 Firmware Version-
   SiemensSiprotec 5 6md89 Versioncp300
SiemensSiprotec 5 6mu85 Firmware Version-
   SiemensSiprotec 5 6mu85 Versioncp200
SiemensSiprotec 5 6mu85 Firmware Version-
   SiemensSiprotec 5 6mu85 Versioncp300
SiemensSiprotec 5 7ke85 Firmware Version-
   SiemensSiprotec 5 7ke85 Versioncp200
SiemensSiprotec 5 7ke85 Firmware Version-
   SiemensSiprotec 5 7ke85 Versioncp300
SiemensSiprotec 5 7sa82 Firmware Version-
   SiemensSiprotec 5 7sa82 Versioncp100
SiemensSiprotec 5 7sa82 Firmware Version-
   SiemensSiprotec 5 7sa82 Versioncp150
SiemensSiprotec 5 7sa86 Firmware Version-
   SiemensSiprotec 5 7sa86 Versioncp200
SiemensSiprotec 5 7sa86 Firmware Version-
   SiemensSiprotec 5 7sa86 Versioncp300
SiemensSiprotec 5 7sa87 Firmware Version-
   SiemensSiprotec 5 7sa87 Versioncp200
SiemensSiprotec 5 7sa87 Firmware Version-
   SiemensSiprotec 5 7sa87 Versioncp300
SiemensSiprotec 5 7sd82 Firmware Version-
   SiemensSiprotec 5 7sd82 Versioncp100
SiemensSiprotec 5 7sd82 Firmware Version-
   SiemensSiprotec 5 7sd82 Versioncp150
SiemensSiprotec 5 7sd86 Firmware Version-
   SiemensSiprotec 5 7sd86 Versioncp200
SiemensSiprotec 5 7sd86 Firmware Version-
   SiemensSiprotec 5 7sd86 Versioncp300
SiemensSiprotec 5 7sd87 Firmware Version-
   SiemensSiprotec 5 7sd87 Versioncp200
SiemensSiprotec 5 7sd87 Firmware Version-
   SiemensSiprotec 5 7sd87 Versioncp300
SiemensSiprotec 5 7sj81 Firmware Version-
   SiemensSiprotec 5 7sj81 Versioncp100
SiemensSiprotec 5 7sj81 Firmware Version-
   SiemensSiprotec 5 7sj81 Versioncp150
SiemensSiprotec 5 7sj82 Firmware Version-
   SiemensSiprotec 5 7sj82 Versioncp100
SiemensSiprotec 5 7sj82 Firmware Version-
   SiemensSiprotec 5 7sj82 Versioncp150
SiemensSiprotec 5 7sj85 Firmware Version-
   SiemensSiprotec 5 7sj85 Versioncp200
SiemensSiprotec 5 7sj85 Firmware Version-
   SiemensSiprotec 5 7sj85 Versioncp300
SiemensSiprotec 5 7sj86 Firmware Version-
   SiemensSiprotec 5 7sj86 Versioncp200
SiemensSiprotec 5 7sj86 Firmware Version-
   SiemensSiprotec 5 7sj86 Versioncp300
SiemensSiprotec 5 7sk82 Firmware Version-
   SiemensSiprotec 5 7sk82 Versioncp100
SiemensSiprotec 5 7sk82 Firmware Version-
   SiemensSiprotec 5 7sk82 Versioncp150
SiemensSiprotec 5 7sk85 Firmware Version-
   SiemensSiprotec 5 7sk85 Versioncp200
SiemensSiprotec 5 7sk85 Firmware Version-
   SiemensSiprotec 5 7sk85 Versioncp300
SiemensSiprotec 5 7sl82 Firmware Version-
   SiemensSiprotec 5 7sl82 Versioncp100
SiemensSiprotec 5 7sl82 Firmware Version-
   SiemensSiprotec 5 7sl82 Versioncp150
SiemensSiprotec 5 7sl86 Firmware Version-
   SiemensSiprotec 5 7sl86 Versioncp200
SiemensSiprotec 5 7sl86 Firmware Version-
   SiemensSiprotec 5 7sl86 Versioncp300
SiemensSiprotec 5 7sl87 Firmware Version-
   SiemensSiprotec 5 7sl87 Versioncp200
SiemensSiprotec 5 7sl87 Firmware Version-
   SiemensSiprotec 5 7sl87 Versioncp300
SiemensSiprotec 5 7ss85 Firmware Version-
   SiemensSiprotec 5 7ss85 Versioncp200
SiemensSiprotec 5 7ss85 Firmware Version-
   SiemensSiprotec 5 7ss85 Versioncp300
SiemensSiprotec 5 7st85 Firmware Version-
   SiemensSiprotec 5 7st85 Versioncp200
SiemensSiprotec 5 7st85 Firmware Version-
   SiemensSiprotec 5 7st85 Versioncp300
SiemensSiprotec 5 7sx85 Firmware Version-
   SiemensSiprotec 5 7sx85 Versioncp300
SiemensSiprotec 5 7um85 Firmware Version-
   SiemensSiprotec 5 7um85 Versioncp300
SiemensSiprotec 5 7ut82 Firmware Version-
   SiemensSiprotec 5 7ut82 Versioncp100
SiemensSiprotec 5 7ut82 Firmware Version-
   SiemensSiprotec 5 7ut82 Versioncp150
SiemensSiprotec 5 7ut85 Firmware Version-
   SiemensSiprotec 5 7ut85 Versioncp200
SiemensSiprotec 5 7ut85 Firmware Version-
   SiemensSiprotec 5 7ut85 Versioncp300
SiemensSiprotec 5 7ut86 Firmware Version-
   SiemensSiprotec 5 7ut86 Versioncp200
SiemensSiprotec 5 7ut86 Firmware Version-
   SiemensSiprotec 5 7ut86 Versioncp300
SiemensSiprotec 5 7ut87 Firmware Version-
   SiemensSiprotec 5 7ut87 Versioncp200
SiemensSiprotec 5 7ut87 Firmware Version-
   SiemensSiprotec 5 7ut87 Versioncp300
SiemensSiprotec 5 7ve85 Firmware Version-
   SiemensSiprotec 5 7ve85 Versioncp300
SiemensSiprotec 5 7vk87 Firmware Version-
   SiemensSiprotec 5 7vk87 Versioncp200
SiemensSiprotec 5 7vk87 Firmware Version-
   SiemensSiprotec 5 7vk87 Versioncp300
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.15% 0.362
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
productcert@siemens.com 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.