Lucene search

PRIOn knowledge basePRION:CVE-2022-22508

HistoryMay 15, 2023 - 10:15 a.m.

Input validation

2023-05-1510:15:00

PRIOn knowledge base

www.prio-n.com

input validation

codesys v3

remote attacker

block logins

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

4.6 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

21.2%

JSON

Improper Input Validation vulnerability in multiple CODESYS V3 products allows an authenticated remote attacker to block consecutive logins of a specific type.

CPENameOperatorVersion
control_for_beaglebone_sllt4.7.0.0
control_for_empc-a\\/imx6_sllt4.7.0.0
control_for_iot2000_sllt4.7.0.0
control_for_linux_sllt4.7.0.0
control_for_pfc100_sllt4.7.0.0
control_for_pfc200_sllt4.7.0.0
control_for_plcnext_sllt4.7.0.0
control_for_raspberry_pi_sllt4.7.0.0
control_for_wago_touch_panels_600_sllt4.7.0.0
control_rte_\\(for_beckhoff_cx\\)_sllt3.5.18.40

Name	Operator	Version
control_for_beaglebone_sl	lt	4.7.0.0
control_for_empc-a\\/imx6_sl	lt	4.7.0.0
control_for_iot2000_sl	lt	4.7.0.0
control_for_linux_sl	lt	4.7.0.0
control_for_pfc100_sl	lt	4.7.0.0
control_for_pfc200_sl	lt	4.7.0.0
control_for_plcnext_sl	lt	4.7.0.0
control_for_raspberry_pi_sl	lt	4.7.0.0
control_for_wago_touch_panels_600_sl	lt	4.7.0.0
control_rte_\\(for_beckhoff_cx\\)_sl	lt	3.5.18.40

Rows per page:

1-10 of 141

References

customers.codesys.com/index.php?eID=dumpFile&t=f&f=17351&token=a7c02b2825fea2bcaf80c1a8e62097d72ec90f1a&download=

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

4.6 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

21.2%

JSON

Related for PRION:CVE-2022-22508