Lucene search

[email protected]NVD:CVE-2022-30694

HistoryNov 08, 2022 - 11:15 a.m.

CVE-2022-30694

2022-11-0811:15:10

CWE-352

[email protected]

web.nvd.nist.gov

web service

csrf

vulnerability

remote attackers

origin checking

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

34.5%

JSON

The login endpoint /FormLogin in affected web services does not apply proper origin checking.

This could allow authenticated remote attackers to track the activities of other users via a login cross-site request forgery attack.

Affected configurations

NVD

Node

siemenssimatic_s7-1500_software_controllerMatch-

siemenssimatic_s7-plcsim_advancedMatch-

siemenssimatic_wincc_runtimeMatch-advanced

Node

siemens6es7154-8fb01-0ab0Match-

AND

siemens6es7154-8fb01-0ab0_firmwareRange<3.2.19

Node

siemens6es7154-8ab01-0ab0Match-

AND

siemens6es7154-8ab01-0ab0_firmwareRange<3.2.19

Node

siemens6es7154-8fx00-0ab0Match-

AND

siemens6es7154-8fx00-0ab0_firmwareRange<3.2.19

Node

siemens6es7151-8ab01-0ab0Match-

AND

siemens6es7151-8ab01-0ab0_firmwareRange<3.2.19

Node

siemens6es7151-8fb01-0ab0Match-

AND

siemens6es7151-8fb01-0ab0_firmwareRange<3.2.19

Node

siemens6es7314-6eh04-0ab0Match-

AND

siemens6es7314-6eh04-0ab0_firmwareRange<3.3.19

Node

siemens6es7315-2eh14-0ab0Match-

AND

siemens6es7315-2eh14-0ab0_firmwareRange<3.2.19

Node

siemens6es7315-2fj14-0ab0Match-

AND

siemens6es7315-2fj14-0ab0_firmwareRange<3.2.19

Node

siemens6es7315-7tj10-0ab0_firmwareRange<3.2.19

AND

siemens6es7315-7tj10-0ab0Match-

Node

siemens6es7317-2ek14-0ab0_firmwareRange<3.2.19

AND

siemens6es7317-2ek14-0ab0Match-

Node

siemens6es7317-2fk14-0ab0_firmwareRange<3.2.19

AND

siemens6es7317-2fk14-0ab0Match-

Node

siemens6es7317-7tk10-0ab0_firmwareRange<3.2.19

AND

siemens6es7317-7tk10-0ab0Match-

Node

siemens6es7317-7ul10-0ab0_firmwareRange<3.2.19

AND

siemens6es7317-7ul10-0ab0Match-

Node

siemens6es7318-3el01-0ab0_firmwareRange<3.2.19

AND

siemens6es7318-3el01-0ab0Match-

Node

siemens6es7318-3fl01-0ab0_firmwareRange<3.2.19

AND

siemens6es7318-3fl01-0ab0Match-

Node

siemens6ag1151-8ab01-7ab0_firmwareRange<3.2.19

AND

siemens6ag1151-8ab01-7ab0Match-

Node

siemens6ag1151-8fb01-2ab0_firmwareRange<3.2.19

AND

siemens6ag1151-8fb01-2ab0Match-

Node

siemens6ag1314-6eh04-7ab0_firmwareRange<3.3.19

AND

siemens6ag1314-6eh04-7ab0Match-

Node

siemens6ag1315-2eh14-7ab0_firmwareRange<3.2.19

AND

siemens6ag1315-2eh14-7ab0Match-

Node

siemens6ag1315-2fj14-2ab0_firmwareRange<3.2.19

AND

siemens6ag1315-2fj14-2ab0Match-

Node

siemens6ag1317-2ek14-7ab0Match-

AND

siemens6ag1317-2ek14-7ab0_firmwareRange<3.2.19

Node

siemens6ag1317-2fk14-2ab0_firmwareRange<3.2.19

AND

siemens6ag1317-2fk14-2ab0Match-

Node

siemenssinumerik_one_firmwareMatch-

AND

siemenssinumerik_oneMatch-

Node

siemenssimatic_pcs_firmwareRange≤2.1

AND

siemenssimatic_pcsMatch-

Node

siemenssimatic_drive_controller_cpu_1504d_tf_firmwareMatch-

AND

siemenssimatic_drive_controller_cpu_1504d_tfMatch-

Node

siemenssimatic_drive_controller_cpu_1507d_tf_firmwareMatch-

AND

siemenssimatic_drive_controller_cpu_1507d_tfMatch-

Node

siemenssimatic_s7-400_pn\/dp_v7_firmwareMatch-

AND

siemenssimatic_s7-400_pn\/dp_v7Match-

Node

siemenssimatic_s7-400_pn\/dp_v6_firmwareMatch-

AND

siemenssimatic_s7-400_pn\/dp_v6Match-

Node

siemenssimatic_s7-1500_cpu_1507s_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1507sMatch-

Node

siemenssimatic_s7-1500_cpu_1507s_f_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1507s_fMatch-

Node

siemenssimatic_s7-1500_cpu_1508s_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1508sMatch-

Node

siemenssimatic_s7-1500_cpu_1508s_f_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1508s_fMatch-

Node

siemenssimatic_s7-1500_cpu_1510sp_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1510spMatch-

Node

siemenssimatic_s7-1500_cpu_1510sp-1_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1510sp-1Match-

Node

siemenssimatic_s7-1500_cpu_1511-1_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1511-1Match-

Node

siemenssimatic_s7-1500_cpu_1511-1_pn_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1511-1_pnMatch-

Node

siemenssimatic_s7-1500_cpu_1511c_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1511cMatch-

Node

siemenssimatic_s7-1500_cpu_1511c-1_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1511c-1Match-

Node

siemenssimatic_s7-1500_cpu_1511f-1_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1511f-1Match-

Node

siemenssimatic_s7-1500_cpu_1511f-1_pn_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1511f-1_pnMatch-

Node

siemenssimatic_s7-1500_cpu_1511t-1_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1511t-1Match-

Node

siemenssimatic_s7-1500_cpu_1511tf-1_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1511tf-1Match-

Node

siemenssimatic_s7-1500_cpu_1512c_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1512cMatch-

Node

siemenssimatic_s7-1500_cpu_1512c-1_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1512c-1Match-

Node

siemenssimatic_s7-1500_cpu_1512sp-1_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1512sp-1Match-

Node

siemenssimatic_s7-1500_cpu_1512spf-1_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1512spf-1Match-

Node

siemenssimatic_s7-1500_cpu_1513-1_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1513-1Match-

Node

siemenssimatic_s7-1500_cpu_1513-1_pn_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1513-1_pnMatch-

Node

siemenssimatic_s7-1500_cpu_1513f-1_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1513f-1Match-

Node

siemenssimatic_s7-1500_cpu_1513f-1_pn_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1513f-1_pnMatch-

Node

siemenssimatic_s7-1500_cpu_1513r-1_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1513r-1Match-

Node

siemenssimatic_s7-1500_cpu_151511c-1_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_151511c-1Match-

Node

siemenssimatic_s7-1500_cpu_151511f-1_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_151511f-1Match-

Node

siemenssimatic_s7-1500_cpu_1515-2_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1515-2Match-

Node

siemenssimatic_s7-1500_cpu_1515-2_pn_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1515-2_pnMatch-

Node

siemenssimatic_s7-1500_cpu_1515f-2_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1515f-2Match-

Node

siemenssimatic_s7-1500_cpu_1515f-2_pn_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1515f-2_pnMatch-

Node

siemenssimatic_s7-1500_cpu_1515r-2_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1515r-2Match-

Node

siemenssimatic_s7-1500_cpu_1515t-2_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1515t-2Match-

Node

siemenssimatic_s7-1500_cpu_1515tf-2_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1515tf-2Match-

Node

siemenssimatic_s7-1500_cpu_1516-3_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1516-3Match-

Node

siemenssimatic_s7-1500_cpu_1516-3_dp_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1516-3_dpMatch-

Node

siemenssimatic_s7-1500_cpu_1516-3_pn_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1516-3_pnMatch-

Node

siemenssimatic_s7-1500_cpu_1516-3_pn\/dpMatch-

AND

siemenssimatic_s7-1500_cpu_1516-3_pn\/dp_firmwareMatch-

Node

siemenssimatic_s7-1500_cpu_1516f-3Match-

AND

siemenssimatic_s7-1500_cpu_1516f-3_firmwareMatch-

Node

siemenssimatic_s7-1500_cpu_1516f-3_pn\/dpMatch-

AND

siemenssimatic_s7-1500_cpu_1516f-3_pn\/dp_firmwareMatch-

Node

siemenssimatic_s7-1500_cpu_1516pro_fMatch-

AND

siemenssimatic_s7-1500_cpu_1516pro_f_firmwareMatch-

Node

siemenssimatic_s7-1500_cpu_1516pro-2Match-

AND

siemenssimatic_s7-1500_cpu_1516pro-2_firmwareMatch-

Node

siemenssimatic_s7-1500_cpu_1516t-3Match-

AND

siemenssimatic_s7-1500_cpu_1516t-3_firmwareMatch-

Node

siemenssimatic_s7-1500_cpu_1516tf-3Match-

AND

siemenssimatic_s7-1500_cpu_1516tf-3_firmwareMatch-

Node

siemenssimatic_s7-1500_cpu_1517-3Match-

AND

siemenssimatic_s7-1500_cpu_1517-3_firmwareMatch-

Node

siemenssimatic_s7-1500_cpu_1517-3_dp_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1517-3_dpMatch-

Node

siemenssimatic_s7-1500_cpu_1517-3_pn_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1517-3_pnMatch-

Node

siemenssimatic_s7-1500_cpu_1517-3_pn\/dp_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1517-3_pn\/dpMatch-

Node

siemenssimatic_s7-1500_cpu_1517f-3_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1517f-3Match-

Node

siemenssimatic_s7-1500_cpu_1517f-3_pn\/dp_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1517f-3_pn\/dpMatch-

Node

siemenssimatic_s7-1500_cpu_1517tf-3_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1517tf-3Match-

Node

siemenssimatic_s7-1500_cpu_1518_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1518Match-

Node

siemenssimatic_s7-1500_cpu_1518-4_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1518-4Match-

Node

siemenssimatic_s7-1500_cpu_1518-4_dp_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1518-4_dpMatch-

Node

siemenssimatic_s7-1500_cpu_1518-4_pn_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1518-4_pnMatch-

Node

siemenssimatic_s7-1500_cpu_1518-4_pn\/dp_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1518-4_pn\/dpMatch-

Node

siemenssimatic_s7-1500_cpu_1518-4_pn\/dp_mfp_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1518-4_pn\/dp_mfpMatch-

Node

siemenssimatic_s7-1500_cpu_1518f-4_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1518f-4Match-

Node

siemenssimatic_s7-1500_cpu_1518f-4_pn\/dp_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1518f-4_pn\/dpMatch-

Node

siemenssimatic_s7-1500_cpu_1518hf-4_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1518hf-4Match-

Node

siemenssimatic_s7-1500_cpu_1518t-4_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1518t-4Match-

Node

siemenssimatic_s7-1500_cpu_1518tf-4_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_1518tf-4Match-

Node

siemenssimatic_s7-1500_cpu_15pro-2_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_15pro-2Match-

Node

siemenssimatic_s7-1500_cpu_15prof-2_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_15prof-2Match-

Node

siemenssimatic_s7-1500_cpu_cpu_1513pro-2_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_cpu_1513pro-2Match-

Node

siemenssimatic_s7-1500_cpu_cpu_1513prof-2_firmwareMatch-

AND

siemenssimatic_s7-1500_cpu_cpu_1513prof-2Match-

Node

siemenssimatic_s7-1200_cpu_12_1211c_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_12_1211cMatch-

Node

siemenssimatic_s7-1200_cpu_12_1212c_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_12_1212cMatch-

Node

siemenssimatic_s7-1200_cpu_12_1212fc_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_12_1212fcMatch-

Node

siemenssimatic_s7-1200_cpu_12_1214c_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_12_1214cMatch-

Node

siemenssimatic_s7-1200_cpu_12_1214fc_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_12_1214fcMatch-

Node

siemenssimatic_s7-1200_cpu_12_1215c_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_12_1215cMatch-

Node

siemenssimatic_s7-1200_cpu_12_1215fc_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_12_1215fcMatch-

Node

siemenssimatic_s7-1200_cpu_12_1217c_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_12_1217cMatch-

Node

siemenssimatic_s7-1200_cpu_1211c_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_1211cMatch-

Node

siemenssimatic_s7-1200_cpu_1212c_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_1212cMatch-

Node

siemenssimatic_s7-1200_cpu_1212fc_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_1212fcMatch-

Node

siemenssimatic_s7-1200_cpu_1214_fc_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_1214_fcMatch-

Node

siemenssimatic_s7-1200_cpu_1214c_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_1214cMatch-

Node

siemenssimatic_s7-1200_cpu_1214fc_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_1214fcMatch-

Node

siemenssimatic_s7-1200_cpu_1215_fc_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_1215_fcMatch-

Node

siemenssimatic_s7-1200_cpu_1215c_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_1215cMatch-

Node

siemenssimatic_s7-1200_cpu_1215fc_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_1215fcMatch-

Node

siemenssimatic_s7-1200_cpu_1217c_firmwareMatch-

AND

siemenssimatic_s7-1200_cpu_1217cMatch-

References

cert-portal.siemens.com/productcert/pdf/ssa-478960.pdf

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

34.5%

JSON

Related for NVD:CVE-2022-30694

nessus1 cvelist1 cnvd1 prion1 cve1 ics1