Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:29 p.m.8 views

CVE-2022-24043

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...

5.3CVSS6.6AI score0.01012EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.22 views

Siemens Desigo PXC and DXR Devices Observable Discrepancy (CVE-2022-24043)

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...

5.3CVSS5.6AI score0.01012EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/05/10 9:46 a.m.23 views

CVE-2022-24043

A vulnerability has been identified in Desigo DXR2 All versions V01.21.142.5-22, Desigo PXC3 All versions V01.21.142.4-18, Desigo PXC4 All versions V02.20.142.10-10884, Desigo PXC5 All versions V02.20.142.10-10884. The login functionality of the application fails to normalize the response times o...

5.4AI score0.01012EPSS
Exploits0References1
CVE
CVE
added 2022/05/10 9:46 a.m.103 views

CVE-2022-24043

Siemens Desigo DXR2, PXC3, PXC4 and PXC5 are affected by CVE-2022-24043 due to a login-side-channel: the system does not normalize response times between failed logins with wrong usernames and correct usernames, enabling username enumeration. Affected versions are: Desigo DXR2 < v01.21.142.5-2...

5.3CVSS5.1AI score0.01012EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder