cvelist/2022/43xxx/CVE-2022-43958.json

{
    "CVE_data_meta": {
        "ASSIGNER": "productcert@siemens.com",
        "ID": "CVE-2022-43958",
        "STATE": "PUBLIC"
    },
    "data_format": "MITRE",
    "data_version": "4.0",
    "data_type": "CVE",
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Siemens",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "QMS Automotive",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "All versions"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-316: Cleartext Storage of Sensitive Information in Memory"
                    }
                ]
            }
        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "A vulnerability has been identified in QMS Automotive (All versions). User credentials are stored in plaintext in the database. This could allow an attacker to gain access to credentials and impersonate other users."
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "MISC",
                "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-587547.pdf",
                "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-587547.pdf"
            }
        ]
    }
}
"-Synchronized-Data." 2022-10-27 12:00:30 +00:00			`{`
			`"CVE_data_meta": {`
Siemens AD-2022-11 2022-11-08 11:38:48 +01:00			`"ASSIGNER": "productcert@siemens.com",`
"-Synchronized-Data." 2022-10-27 12:00:30 +00:00			`"ID": "CVE-2022-43958",`
Siemens AD-2022-11 2022-11-08 11:38:48 +01:00			`"STATE": "PUBLIC"`
			`},`
			`"data_format": "MITRE",`
			`"data_version": "4.0",`
			`"data_type": "CVE",`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "Siemens",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "QMS Automotive",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "All versions"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "CWE-316: Cleartext Storage of Sensitive Information in Memory"`
			`}`
			`]`
			`}`
			`]`
"-Synchronized-Data." 2022-10-27 12:00:30 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
Siemens AD-2022-11 2022-11-08 11:38:48 +01:00			`"value": "A vulnerability has been identified in QMS Automotive (All versions). User credentials are stored in plaintext in the database. This could allow an attacker to gain access to credentials and impersonate other users."`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
"-Synchronized-Data." 2022-11-08 11:00:36 +00:00			`"refsource": "MISC",`
			`"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-587547.pdf",`
			`"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-587547.pdf"`
"-Synchronized-Data." 2022-10-27 12:00:30 +00:00			`}`
			`]`
			`}`
			`}`