Lucene search

[email protected]CVE-2022-32519

HistoryJan 30, 2023 - 11:15 p.m.

CVE-2022-32519

2023-01-3023:15:10

CWE-522

CWE-257

[email protected]

web.nvd.nist.gov

cve-2022-32519

cwe-257

data center expert

vulnerability

password storage

security

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.1%

JSON

A CWE-257: Storing Passwords in a Recoverable Format vulnerability exists that could result in unwanted access to a DCE instance when performed over a network by a malicious third-party. Affected Products: Data Center Expert (Versions prior to V7.9.0)

Affected configurations

NVD

Node

schneider-electricdata_center_expertRange<7.9.0

CPENameOperatorVersion
schneider-electric:data_center_expertschneider-electric data center expertlt7.9.0

CPE	Name	Operator	Version
schneider-electric:data_center_expert	schneider-electric data center expert	lt	7.9.0

CNA Affected

[
  {
    "vendor": "Schneider Electric",
    "product": "Data Center Expert",
    "versions": [
      {
        "version": "All",
        "status": "affected",
        "lessThan": "V7.9.0",
        "versionType": "custom"
      }
    ]
  }
]

References

download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-165-04_+Data_Center_Expert_Security_Notification.pdf&p_Doc_Ref=SEVD-2022-165-04

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.1%

JSON

Related for CVE-2022-32519

prion1 cvelist1 nvd1