CVE-2022-35868

🗓️ 14 Feb 2023 10:36:08Reported by siemensType

Vulnerability in TIA Multiuser Server versions allowing privilege escalatio

Reporter	Title	Published	Views	Family All 10
CNNVD	Siemens TIA Multiuser Server 代码问题漏洞	14 Feb 202300:00	–	cnnvd
CNVD	Siemens TIA Project-Server formerly untrusted search path vulnerability	17 Feb 202300:00	–	cnvd
Cvelist	CVE-2022-35868	14 Feb 202310:36	–	cvelist
EUVD	EUVD-2022-38741	3 Oct 202520:07	–	euvd
ICS	Siemens TIA Project-Server formerly known as TIA Multiuser Server	14 Feb 202300:00	–	ics
NCSC	Vulnerabilities fixed in Siemens products	14 Feb 202300:00	–	ncsc
NVD	CVE-2022-35868	14 Feb 202311:15	–	nvd
Prion	Path traversal	14 Feb 202311:15	–	prion
Positive Technologies	PT-2023-1971 · Siemens · Tia Multiuser Server +1	14 Feb 202300:00	–	ptsecurity
RedhatCVE	CVE-2022-35868	23 May 202500:58	–	redhatcve

NVD

Node

siemens tia_multiuser_serverMatch14

siemens tia_multiuser_serverMatch15

siemens tia_multiuser_serverMatch15.1-

siemens tia_multiuser_serverMatch16

siemens tia_project-serverMatch1.0

siemens tia_project-serverMatch17-

siemens tia_project-serverMatch17update1

siemens tia_project-serverMatch17update4

[
  {
    "vendor": "Siemens",
    "product": "TIA Multiuser Server V14",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "TIA Multiuser Server V15",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V15.1 Update 8"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "TIA Project-Server",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V1.1"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "TIA Project-Server V16",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "*",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "TIA Project-Server V17",
    "versions": [
      {
        "status": "affected",
        "version": "All versions < V17 Update 6"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-640968.html
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-640968.pdf

21 Nov 2024 07:11Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.16.7 - 7.3

EPSS0.0013

CWE-426