5.7
CVE-2022-46142
- EPSS 0.07%
- Veröffentlicht 13.12.2022 16:15:25
- Zuletzt bearbeitet 14.01.2025 11:15:11
- Quelle productcert@siemens.com
- Teams Watchlist Login
- Unerledigt Login
Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Siemens ≫ Scalance Sc622-2c Firmware Version < 2.3
Siemens ≫ Scalance Sc626-2c Firmware Version < 2.3
Siemens ≫ Scalance Sc632-2c Firmware Version < 2.3
Siemens ≫ Scalance Sc636-2c Firmware Version < 2.3
Siemens ≫ Scalance Sc642-2c Firmware Version < 2.3
Siemens ≫ Scalance Sc646-2c Firmware Version < 2.3
Siemens ≫ Scalance W761-1 Rj45 Firmware Version-
Siemens ≫ Scalance W774-1 M12 Eec Firmware Version-
Siemens ≫ Scalance W774-1 M12 Rj45 Firmware Version-
Siemens ≫ Scalance W774-1 Rj45 Firmware Version-
Siemens ≫ Scalance W778-1 M12 Firmware Version-
Siemens ≫ Scalance W778-1 M12 Eec Firmware Version-
Siemens ≫ Scalance W786-1 Rj45 Firmware Version-
Siemens ≫ Scalance W786-2 Rj45 Firmware Version-
Siemens ≫ Scalance W786-2 Sfp Firmware Version-
Siemens ≫ Scalance W786-2ia Rj45 Firmware Version-
Siemens ≫ Scalance W788-1 M12 Firmware Version-
Siemens ≫ Scalance W788-1 Rj45 Firmware Version-
Siemens ≫ Scalance W788-2 M12 Firmware Version-
Siemens ≫ Scalance W788-2 M12 Eec Firmware Version-
Siemens ≫ Scalance W1748-1 M12 Firmware Version-
Siemens ≫ Scalance W1788-1 M12 Firmware Version-
Siemens ≫ Scalance W1788-2 Eec M12 Firmware Version-
Siemens ≫ Scalance W1788-2 M12 Firmware Version-
Siemens ≫ Scalance W1788-2ia M12 Firmware Version-
Siemens ≫ Scalance Wam763-1 Firmware Version-
Siemens ≫ Scalance Wam766-1 Firmware Version-
Siemens ≫ Scalance Wam766-1 6ghz Firmware Version-
Siemens ≫ Scalance Wam766-1 Ecc Firmware Version-
Siemens ≫ Scalance Wum763-1 Firmware Version-
Siemens ≫ Scalance Wum766-1 Firmware Version-
Siemens ≫ Scalance Wum766-1 6ghz Firmware Version-
Siemens ≫ Scalance Xb205-3 Firmware Version-
Siemens ≫ Scalance Xb205-3ld Firmware Version-
Siemens ≫ Scalance Xb208 Firmware Version-
Siemens ≫ Scalance Xb213-3 Firmware Version-
Siemens ≫ Scalance Xb213-3ld Firmware Version-
Siemens ≫ Scalance Xb216 Firmware Version-
Siemens ≫ Scalance Xc206-2 Firmware Version-
Siemens ≫ Scalance Xc206-2g Poe Firmware Version-
Siemens ≫ Scalance Xc206-2g Poe Eec Firmware Version-
Siemens ≫ Scalance Xc206-2sfp Firmware Version-
Siemens ≫ Scalance Xc206-2sfp Eec Firmware Version-
Siemens ≫ Scalance Xc206-2sfp G Firmware Version-
Siemens ≫ Scalance Xc206-2sfp G Eec Firmware Version-
Siemens ≫ Scalance Xc208 Firmware Version-
Siemens ≫ Scalance Xc208 Eec Firmware Version-
Siemens ≫ Scalance Xc208 Poe Firmware Version-
Siemens ≫ Scalance Xc216 Firmware Version-
Siemens ≫ Scalance Xc216-3g Poe Firmware Version-
Siemens ≫ Scalance Xc216-4c Firmware Version-
Siemens ≫ Scalance Xc216-4c G Firmware Version-
Siemens ≫ Scalance Xc216-4c G Eec Firmware Version-
Siemens ≫ Scalance Xc216eec Firmware Version-
Siemens ≫ Scalance Xc224 Firmware Version-
Siemens ≫ Scalance Xc224-4c G Firmware Version-
Siemens ≫ Scalance Xc224-4c G Eec Firmware Version-
Siemens ≫ Scalance Xf204 Firmware Version-
Siemens ≫ Scalance Xf204 Dna Firmware Version-
Siemens ≫ Scalance Xf204-2ba Firmware Version-
Siemens ≫ Scalance Xf204-2bca Dna Firmware Version-
Siemens ≫ Scalance Xm408-4c Firmware Version-
Siemens ≫ Scalance Xm408-8c Firmware Version-
Siemens ≫ Scalance Xm416-4c Firmware Version-
Siemens ≫ Scalance Xp208 Firmware Version-
Siemens ≫ Scalance Xp208eec Firmware Version-
Siemens ≫ Scalance Xp208poe Eec Firmware Version-
Siemens ≫ Scalance Xp216 Firmware Version-
Siemens ≫ Scalance Xp216eec Firmware Version-
Siemens ≫ Scalance Xp216poe Eec Firmware Version-
Siemens ≫ Scalance Xr324wg Firmware Version-
Siemens ≫ Scalance Xr326-2c Firmware Version-
Siemens ≫ Scalance Xr326-2c Poe Firmware Version-
Siemens ≫ Scalance Xr328-4c Wg Firmware Version-
Siemens ≫ Scalance Xr524-8c Firmware Version-
Siemens ≫ Scalance Xr526-8c Firmware Version-
Siemens ≫ Scalance Xr528-6m Firmware Version-
Siemens ≫ Scalance Xr552-12m Firmware Version-
Siemens ≫ Siplus Net Scalance Xc206-2 Firmware Version-
Siemens ≫ Siplus Net Scalance Xc206-2sfp Firmware Version-
Siemens ≫ Siplus Net Scalance Xc208 Firmware Version-
Siemens ≫ Siplus Net Scalance Xc216-4c Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.211 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| productcert@siemens.com | 5.2 | 0 | 0 |
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| productcert@siemens.com | 5.7 | 0.9 | 4.7 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
|
| nvd@nist.gov | 4.6 | 0.9 | 3.6 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-257 Storing Passwords in a Recoverable Format
The storage of passwords in a recoverable format makes them subject to password reuse attacks by malicious users. In fact, it should be noted that recoverable encrypted passwords provide no significant benefit over plaintext passwords since they are subject not only to reuse by malicious attackers but also by malicious insiders. If a system administrator can recover a password directly, or use a brute force search on the available information, the administrator can use the password on other accounts.
CWE-522 Insufficiently Protected Credentials
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.