CVE-2022-46738

EPSS 0.06%
Veröffentlicht 22.05.2023 23:15:09
Zuletzt bearbeitet 21.11.2024 07:30:59
Quelle ics-cert@hq.dhs.gov
CVE-Watchlists
Login
Unerledigt
Login

The affected product exposes multiple sensitive data fields of the affected product. An attacker can use the SNMP command to get device mac address and login as admin.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dataprobe ≫ Iboot-pdu4-n20 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu4-n20 Version-

Dataprobe ≫ Iboot-pdu4sa-n15 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu4sa-n15 Version-

Dataprobe ≫ Iboot-pdu4a-n15 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu4a-n15 Version-

Dataprobe ≫ Iboot-pdu4sa-n20 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu4sa-n20 Version-

Dataprobe ≫ Iboot-pdu4a-n20 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu4a-n20 Version-

Dataprobe ≫ Iboot-pdu8sa-n15 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu8sa-n15 Version-

Dataprobe ≫ Iboot-pdu8a-n15 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu8a-n15 Version-

Dataprobe ≫ Iboot-pdu8sa-2n15 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu8sa-2n15 Version-

Dataprobe ≫ Iboot-pdu8a-2n15 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu8a-2n15 Version-

Dataprobe ≫ Iboot-pdu8sa-n20 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu8sa-n20 Version-

Dataprobe ≫ Iboot-pdu8a-n20 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu8a-n20 Version-

Dataprobe ≫ Iboot-pdu8a-2n20 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu8a-2n20 Version-

Dataprobe ≫ Iboot-pdu4-c20 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu4-c20 Version-

Dataprobe ≫ Iboot-pdu4a-c10 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu4a-c10 Version-

Dataprobe ≫ Iboot-pdu4sa-c10 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu4sa-c10 Version-

Dataprobe ≫ Iboot-pdu8a-c10 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu8a-c10 Version-

Dataprobe ≫ Iboot-pdu8sa-c10 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu8sa-c10 Version-

Dataprobe ≫ Iboot-pdu8a-2c20 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu8a-2c20 Version-

Dataprobe ≫ Iboot-pdu4sa-c20 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu4sa-c20 Version-

Dataprobe ≫ Iboot-pdu4a-c20 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu4a-c20 Version-

Dataprobe ≫ Iboot-pdu8a-2c10 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu8a-2c10 Version-

Dataprobe ≫ Iboot-pdu8a-c20 Firmware Version < 1.42.06162022

Dataprobe ≫ Iboot-pdu8a-c20 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.179

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
ics-cert@hq.dhs.gov	7.2	3.9	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://dataprobe.com/support/iboot-pdu/local_upgrade_pdu_procedure.pdf

Product

https://www.cisa.gov/news-events/ics-advisories/icsa-22-263-03

Patch

Third Party Advisory

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2022-46738

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-46738

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-46738

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-46738