Lucene search
PRIOn knowledge basePRION:CVE-2022-43398HistoryNov 08, 2022 - 11:15 a.m.
Session fixation
2022-11-0811:15:00
PRIOn knowledge base
www.prio-n.com
3
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50), POWER METER SICAM Q100 (All versions < V2.50). Affected devices do not renew the session cookie after login/logout and also accept user defined session cookies. An attacker could overwrite the stored session cookie of a user. After the victim logged in, the attacker is given access to the userβs account through the activated session.
| CPE | Name | Operator | Version |
|---|---|---|---|
| 7kg9501-0aa01-2aa1_firmware | lt | 2.50 | |
| 7kg9501-0aa31-2aa1_firmware | lt | 2.50 |
Related
cve
cve
CVE-2022-43398
2022-11-08 11:15:11
nessus
nessus
Siemens SICAM Q100 Session Fixation (CVE-2022-43398)
2023-04-20 00:00:00
cnvd
cnvd
Siemens POWER METER SICAM Q100 session fixed vulnerability
2022-11-09 00:00:00
cvelist
cvelist
CVE-2022-43398
2022-11-08 00:00:00
nvd
nvd
CVE-2022-43398
2022-11-08 11:15:11
ics
ics
Siemens SICAM Q100
2022-11-10 12:00:00
βSiemens SICAM Q200 Devices
2023-06-15 12:00:00