CVE-2022-3684 SDM600 endpoint vulnerability

🗓️ 28 Mar 2023 12:49:36Reported by Hitachi EnergyType

CVE-2022-3684 SDM600 endpoint vulnerability. Exploitable by running multiple parallel requests causing unresponsiveness

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of Hitachi Energy System Data Manager SDM600, related to improper cleaning or release of resources, allows a intruder to trigger a service failure.	7 Apr 202300:00	–	bdu_fstec
Circl	CVE-2022-3684	28 Mar 202316:44	–	circl
CNNVD	SDM600 安全漏洞	28 Mar 202300:00	–	cnnvd
CVE	CVE-2022-3684	28 Mar 202312:49	–	cve
EUVD	EUVD-2022-43043	3 Oct 202520:07	–	euvd
ICS	Hitachi Energy MicroSCADA System Data Manager SDM600	10 Apr 202315:37	–	ics
NVD	CVE-2022-3684	28 Mar 202313:15	–	nvd
OSV	CVE-2022-3684	28 Mar 202313:15	–	osv
Prion	Hardcoded credentials	28 Mar 202313:15	–	prion
Positive Technologies	PT-2023-2167 · Hitachi Energy · Sdm600	28 Mar 202300:00	–	ptsecurity

[
  {
    "defaultStatus": "unaffected",
    "product": "SDM600",
    "vendor": "Hitachi Energy",
    "versions": [
      {
        "status": "unaffected",
        "version": "SDM600 1.3"
      },
      {
        "lessThanOrEqual": "SDM600 1.2.*",
        "status": "affected",
        "version": "SDM600 1.2",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "SDM600 1.1.*",
        "status": "affected",
        "version": "SDM600 1.1",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "SDM600 1.0.*",
        "status": "affected",
        "version": "SDM600 1.0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
search	www.search.abb.com/library/Download.aspx

28 Mar 2023 12:49Current

7.6High risk

Vulners AI Score7.6

CVSS 3.17.5

EPSS0.00616

CWE-404