Lucene search
HistoryMar 23, 2023 - 6:15 a.m.
CVE-2022-22512
cve-2022-22512
hard-coded credentials
administrative access
network
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
54.2%
Hard-coded credentials in Web-UI of multiple VARTA Storage products in multiple versions allows an unauthorized attacker to gain administrative access to the Web-UI via network.
Affected configurations
Node
vartaelement_backup_firmwareRange<f21000400
vartaelement_backupMatch-
Node
vartaelement_s1_firmwareRange<2e.3.8.0
vartaelement_s1Match-
Node
vartaelement_s2_firmwareRange<2e.3.8.0
vartaelement_s2Match-
Node
vartaelement_s3_firmwareRange<2e.3.8.0
ORvartaelement_s3_firmwareRange2e.4.0.0–2e.4.4.0
vartaelement_s3Match-
Node
vartaelement_s4_firmwareRange<d21010400
vartaelement_s4Match-
Node
vartaone_l_firmwareRange<2e.3.8.0
vartaone_lMatch-
Node
vartaone_xl_firmwareRange<2e.3.8.0
vartaone_xlMatch-
Node
vartapulse_firmwareRange<c21010800
vartapulseMatch-
References
Related
cve
cve
CVE-2022-22512
2023-03-23 06:15:12
prion
prion
Hardcoded credentials
2023-03-23 06:15:00
cvelist
cvelist
CVE-2022-22512 VARTA: Multiple devices prone to hard-coded credentials
2023-03-23 05:32:16
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
54.2%
Related for NVD:CVE-2022-22512