Lucene search
HistoryFeb 02, 2022 - 1:15 p.m.
CVE-2022-22509
phoenix contact
fl switch
series 2xxx
v3.00
privilege assignment
vulnerability
nvd
cve-2022-22509
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.9%
In Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an incorrect privilege assignment allows an low privileged user to enable full access to the device configuration.
Affected configurations
Node
phoenixcontactfl_switch_2005_firmwareMatch3.00
phoenixcontactfl_switch_2005Match-
Node
phoenixcontactfl_switch_2008_firmwareMatch3.00
phoenixcontactfl_switch_2008Match-
Node
phoenixcontactfl_switch_2008f_firmwareMatch3.00
phoenixcontactfl_switch_2008fMatch-
Node
phoenixcontactfl_switch_2016_firmwareMatch3.00
phoenixcontactfl_switch_2016Match-
Node
phoenixcontactfl_switch_2105_firmwareMatch3.00
phoenixcontactfl_switch_2105Match-
Node
phoenixcontactfl_switch_2108_firmwareMatch3.00
phoenixcontactfl_switch_2108Match-
Node
phoenixcontactfl_switch_2116_firmwareMatch3.00
phoenixcontactfl_switch_2116Match-
Node
phoenixcontactfl_switch_2204-2tc-2sfx_firmwareMatch3.00
phoenixcontactfl_switch_2204-2tc-2sfxMatch-
Node
phoenixcontactfl_switch_2206-2fx_firmwareMatch3.00
phoenixcontactfl_switch_2206-2fxMatch-
Node
phoenixcontactfl_switch_2206-2fx_sm_firmwareMatch3.00
phoenixcontactfl_switch_2206-2fx_smMatch-
Node
phoenixcontactfl_switch_2206-2fx_sm_st_firmwareMatch3.00
phoenixcontactfl_switch_2206-2fx_sm_stMatch-
Node
phoenixcontactfl_switch_2206-2fx_st_firmwareMatch3.00
phoenixcontactfl_switch_2206-2fx_stMatch-
Node
phoenixcontactfl_switch_2206-2sfx_firmwareMatch3.00
phoenixcontactfl_switch_2206-2sfxMatch-
Node
phoenixcontactfl_switch_2206-2sfx_pn_firmwareMatch3.00
phoenixcontactfl_switch_2206-2sfx_pnMatch-
Node
phoenixcontactfl_switch_2206c-2fx_firmwareMatch3.00
phoenixcontactfl_switch_2206c-2fxMatch-
Node
phoenixcontactfl_switch_2207-fx_firmwareMatch3.00
phoenixcontactfl_switch_2207-fxMatch-
Node
phoenixcontactfl_switch_2207-fx_sm_firmwareMatch3.00
phoenixcontactfl_switch_2207-fx_smMatch-
Node
phoenixcontactfl_switch_2208_firmwareMatch3.00
phoenixcontactfl_switch_2208Match-
Node
phoenixcontactfl_switch_2208c_firmwareMatch3.00
phoenixcontactfl_switch_2208cMatch-
Node
phoenixcontactfl_switch_2208_pn_firmwareMatch3.00
phoenixcontactfl_switch_2208_pnMatch-
Node
phoenixcontactfl_switch_2212-2tc-2sfx_firmwareMatch3.00
phoenixcontactfl_switch_2212-2tc-2sfxMatch-
Node
phoenixcontactfl_switch_2214-2fx_firmwareMatch3.00
phoenixcontactfl_switch_2214-2fxMatch-
Node
phoenixcontactfl_switch_2214-2fx_sm_firmwareMatch3.00
phoenixcontactfl_switch_2214-2fx_smMatch-
Node
phoenixcontactfl_switch_2214-2sfx_firmwareMatch3.00
phoenixcontactfl_switch_2214-2sfxMatch-
Node
phoenixcontactfl_switch_2214-2sfx_pn_firmwareMatch3.00
phoenixcontactfl_switch_2214-2sfx_pnMatch-
Node
phoenixcontactfl_switch_2216_firmwareMatch3.00
phoenixcontactfl_switch_2216Match-
Node
phoenixcontactfl_switch_2216_pn_firmwareMatch3.00
phoenixcontactfl_switch_2216_pnMatch-
Node
phoenixcontactfl_switch_2304-2gc-2sfp_firmwareMatch3.00
phoenixcontactfl_switch_2304-2gc-2sfpMatch-
Node
phoenixcontactfl_switch_2306-2sfp_firmwareMatch3.00
phoenixcontactfl_switch_2306-2sfpMatch-
Node
phoenixcontactfl_switch_2306-2sfp_pn_firmwareMatch3.00
phoenixcontactfl_switch_2306-2sfp_pnMatch-
Node
phoenixcontactfl_switch_2308_firmwareMatch3.00
phoenixcontactfl_switch_2308Match-
Node
phoenixcontactfl_switch_2308_pn_firmwareMatch3.00
phoenixcontactfl_switch_2308_pnMatch-
Node
phoenixcontactfl_switch_2312-2gc-2sfp_firmwareMatch3.00
phoenixcontactfl_switch_2312-2gc-2sfpMatch-
Node
phoenixcontactfl_switch_2314-2sfp_firmwareMatch3.00
phoenixcontactfl_switch_2314-2sfpMatch-
Node
phoenixcontactfl_switch_2314-2sfp_pn_firmwareMatch3.00
phoenixcontactfl_switch_2314-2sfp_pnMatch-
Node
phoenixcontactfl_switch_2316_firmwareMatch3.00
phoenixcontactfl_switch_2316Match-
Node
phoenixcontactfl_switch_2316\/k1_firmwareMatch3.00
phoenixcontactfl_switch_2316\/k1Match-
Node
phoenixcontactfl_switch_2316_pn_firmwareMatch3.00
phoenixcontactfl_switch_2316_pnMatch-
Node
phoenixcontactfl_switch_2404-2tc-2sfx_firmwareMatch3.00
phoenixcontactfl_switch_2404-2tc-2sfxMatch-
Node
phoenixcontactfl_switch_2406-2sfx_firmwareMatch3.00
phoenixcontactfl_switch_2406-2sfxMatch-
Node
phoenixcontactfl_switch_2406-2sfx_pn_firmwareMatch3.00
phoenixcontactfl_switch_2406-2sfx_pnMatch-
Node
phoenixcontactfl_switch_2408_firmwareMatch3.00
phoenixcontactfl_switch_2408Match-
Node
phoenixcontactfl_switch_2408_pn_firmwareMatch3.00
phoenixcontactfl_switch_2408_pnMatch-
Node
phoenixcontactfl_switch_2412-2tc-2sfx_firmwareMatch3.00
phoenixcontactfl_switch_2412-2tc-2sfxMatch-
Node
phoenixcontactfl_switch_2414-2sfx_firmwareMatch3.00
phoenixcontactfl_switch_2414-2sfxMatch-
Node
phoenixcontactfl_switch_2414-2sfx_pn_firmwareMatch3.00
phoenixcontactfl_switch_2414-2sfx_pnMatch-
Node
phoenixcontactfl_switch_2416_firmwareMatch3.00
phoenixcontactfl_switch_2416Match-
Node
phoenixcontactfl_switch_2416_pn_firmwareMatch3.00
phoenixcontactfl_switch_2416_pnMatch-
Node
phoenixcontactfl_switch_2504-2gc-2sfp_firmwareMatch3.00
phoenixcontactfl_switch_2504-2gc-2sfpMatch-
Node
phoenixcontactfl_switch_2506-2sfp_firmwareMatch3.00
phoenixcontactfl_switch_2506-2sfpMatch-
Node
phoenixcontactfl_switch_2506-2sfp\/k1_firmwareMatch3.00
phoenixcontactfl_switch_2506-2sfp\/k1Match-
Node
phoenixcontactfl_switch_2506-2sfp_pn_firmwareMatch3.00
phoenixcontactfl_switch_2506-2sfp_pnMatch-
Node
phoenixcontactfl_switch_2508_firmwareMatch3.00
phoenixcontactfl_switch_2508Match-
Node
phoenixcontactfl_switch_2508\/k1_firmwareMatch3.00
phoenixcontactfl_switch_2508\/k1Match-
Node
phoenixcontactfl_switch_2508_pn_firmwareMatch3.00
phoenixcontactfl_switch_2508_pnMatch-
Node
phoenixcontactfl_switch_2512-2gc-2sfp_firmwareMatch3.00
phoenixcontactfl_switch_2512-2gc-2sfpMatch-
Node
phoenixcontactfl_switch_2514-2sfp_firmwareMatch3.00
phoenixcontactfl_switch_2514-2sfpMatch-
Node
phoenixcontactfl_switch_2514-2sfp_pn_firmwareMatch3.00
phoenixcontactfl_switch_2514-2sfp_pnMatch-
Node
phoenixcontactfl_switch_2516_firmwareMatch3.00
phoenixcontactfl_switch_2516Match-
Node
phoenixcontactfl_switch_2516_pn_firmwareMatch3.00
phoenixcontactfl_switch_2516_pnMatch-
Node
phoenixcontactfl_switch_2608_firmwareMatch3.00
phoenixcontactfl_switch_2608Match-
Node
phoenixcontactfl_switch_2608_pn_firmwareMatch3.00
phoenixcontactfl_switch_2608_pnMatch-
Node
phoenixcontactfl_switch_2708_firmwareMatch3.00
phoenixcontactfl_switch_2708Match-
Node
phoenixcontactfl_switch_2708_pn_firmwareMatch3.00
phoenixcontactfl_switch_2708_pnMatch-
Node
phoenixcontactfl_switch_2205_firmwareMatch3.00
phoenixcontactfl_switch_2205Match-
| CPE | Name | Operator | Version |
|---|---|---|---|
| phoenixcontact:fl_switch_2005_firmware | phoenixcontact fl switch 2005 firmware | eq | 3.00 |
References
Related
prion
prion
Design/Logic Flaw
2022-02-02 13:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-22509
2022-02-02 13:15:08
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.9%
Related for CVE-2022-22509