CVE-2022-38355

🗓️ 13 Dec 2022 21:12:06Reported by icscertType

Daikin SVMPC1 & SVMPC2 <v2.1.22 & v1.2.3, LAN info disclosure w/o aut

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2022-38355	14 Dec 202200:22	–	circl
CNNVD	DAIKIN SVMPC1和DAIKIN SVMPC2 安全漏洞	11 Oct 202200:00	–	cnnvd
Cvelist	CVE-2022-38355	13 Dec 202221:12	–	cvelist
EUVD	EUVD-2022-40944	3 Oct 202520:07	–	euvd
Japan Vulnerability Notes	Multiple vulnerabilities in SVMPC1 and SVMPC2	13 Oct 202208:27	–	jvn
NVD	CVE-2022-38355	13 Dec 202222:15	–	nvd
OSV	CVE-2022-38355	13 Dec 202222:15	–	osv
Prion	Authentication flaw	13 Dec 202222:15	–	prion
Positive Technologies	PT-2022-24384 · Daikin · Daikin Svmpc1 +1	13 Dec 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-38355	9 Jan 202608:45	–	redhatcve

NVD

Vulners

Node

daikinlatam svmpc1Range≤2.1.22

daikinlatam svmpc2Range≤1.2.3

[
  {
    "defaultStatus": "unaffected",
    "product": "SVMPC1 ",
    "vendor": "Daikin",
    "versions": [
      {
        "lessThanOrEqual": "2.1.22",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "SVMPC2",
    "vendor": "Daikin",
    "versions": [
      {
        "lessThanOrEqual": "1.2.3",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
cisa	www.cisa.gov/uscert/ics/advisories/icsa-22-284-02

21 Nov 2024 07:16Current

5.2Medium risk

Vulners AI Score5.2

CVSS 3.15.5 - 7.5

EPSS0.00102

SSVC

CWE-284