Lucene search
HistoryFeb 08, 2023 - 10:15 a.m.
CVE-2022-43761
authentication
b&r aprol
system configuration
cve-2022-43761
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
9.5
Confidence
High
EPSS
0.001
Percentile
32.5%
Missing authentication when creating and
managing the B&R APROL database in versions <Ā R 4.2-07
allows reading and changing the system configuration.
Affected configurations
Node
br-automationindustrial_automation_aprolRange<r4.2-07
| Vendor | Product | Version | CPE |
|---|---|---|---|
| br-automation | industrial_automation_aprol | * | cpe:2.3:a:br-automation:industrial_automation_aprol:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2022-43761 Lack of authentication when managing APROL database
2023-02-08 09:33:28
cve
cve
CVE-2022-43761
2023-02-08 10:15:09
prion
prion
Authentication flaw
2023-02-08 10:15:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
9.5
Confidence
High
EPSS
0.001
Percentile
32.5%
Related for NVD:CVE-2022-43761