CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
58.1%
A CORS Misconfiguration in the web-based management allows a malicious third party webserver to misuse all basic information pages on the webserver. In combination with CVE-2022-45138 this could lead to disclosure of device information like CPU diagnostics. As there is just a limited amount of information readable the impact only affects a small subset of confidentiality.
Vendor | Product | Version | CPE |
---|---|---|---|
wago | 751-9301_firmware | * | cpe:2.3:o:wago:751-9301_firmware:*:*:*:*:*:*:*:* |
wago | 751-9301_firmware | 22 | cpe:2.3:o:wago:751-9301_firmware:22:-:*:*:*:*:*:* |
wago | 751-9301_firmware | 23 | cpe:2.3:o:wago:751-9301_firmware:23:*:*:*:*:*:*:* |
wago | 751-9301 | - | cpe:2.3:h:wago:751-9301:-:*:*:*:*:*:*:* |
wago | 752-8303\/8000-002_firmware | * | cpe:2.3:o:wago:752-8303\/8000-002_firmware:*:*:*:*:*:*:*:* |
wago | 752-8303\/8000-002_firmware | 22 | cpe:2.3:o:wago:752-8303\/8000-002_firmware:22:-:*:*:*:*:*:* |
wago | 752-8303\/8000-002_firmware | 23 | cpe:2.3:o:wago:752-8303\/8000-002_firmware:23:*:*:*:*:*:*:* |
wago | 752-8303\/8000-002 | - | cpe:2.3:h:wago:752-8303\/8000-002:-:*:*:*:*:*:*:* |
wago | pfc100_firmware | * | cpe:2.3:o:wago:pfc100_firmware:*:*:*:*:*:*:*:* |
wago | pfc100_firmware | 22 | cpe:2.3:o:wago:pfc100_firmware:22:-:*:*:*:*:*:* |
[
{
"defaultStatus": "unaffected",
"product": "Compact Controller CC100 (751-9301)",
"vendor": "WAGO",
"versions": [
{
"lessThan": "FW22",
"status": "affected",
"version": "FW16",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "FW22 Patch 1"
},
{
"status": "affected",
"version": "FW23"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Edge Controller (752-8303/8000-002)",
"vendor": "WAGO",
"versions": [
{
"lessThan": "FW22",
"status": "affected",
"version": "FW18",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "FW22 Patch 1"
},
{
"status": "affected",
"version": "FW23"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PFC100 (750-81xx/xxx-xxx)",
"vendor": "WAGO",
"versions": [
{
"lessThan": "FW22",
"status": "affected",
"version": "FW16",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "FW22 Patch 1"
},
{
"status": "affected",
"version": "FW23"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PFC200 (750-82xx/xxx-xxx)",
"vendor": "WAGO",
"versions": [
{
"lessThan": "FW22",
"status": "affected",
"version": "FW16",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "FW22 Patch 1"
},
{
"status": "affected",
"version": "FW23"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Touch Panel 600 Advanced Line (762-5xxx)",
"vendor": "WAGO",
"versions": [
{
"lessThan": "FW22",
"status": "affected",
"version": "FW16",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "FW22 Patch 1"
},
{
"status": "affected",
"version": "FW23"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Touch Panel 600 Marine Line (762-6xxx)",
"vendor": "WAGO",
"versions": [
{
"lessThan": "FW22",
"status": "affected",
"version": "FW16",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "FW22 Patch 1"
},
{
"status": "affected",
"version": "FW23"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Touch Panel 600 Standard Line (762-4xxx)",
"vendor": "WAGO",
"versions": [
{
"lessThan": "FW22",
"status": "affected",
"version": "FW16",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "FW22 Patch 1"
},
{
"status": "affected",
"version": "FW23"
}
]
}
]