admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#7739

Browse Source 
Auto-merge PR#7739
This commit is contained in:
CVE Team 2022-10-21 08:30:16 -04:00 committed by GitHub
commit 38f4532e8e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 92 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

99
2022/3xxx/CVE-2022-3203.json
View File

@ -1,18 +1,103 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2022-10-21T12:00:00.000Z",
"ID": "CVE-2022-3203",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "ORing net IAP-420(+) Hidden Functionality"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IAP-420(+) ",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "FW 2.0m",
"version_value": "FW 2.0m"
}
]
}
}
]
},
"vendor_name": "ORing"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Lorenzo Bazzana and Marino Miculan of Università degli studi di Udine, Michele Codutti of Danieli Automation"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On ORing net IAP-420(+) with FW version 2.0m a telnet server is enabled by default and cannot permanently be disabled. You can connect to the device with with hardcoded credentials and get an administrative shell. These credentials are reset to defaults with every reboot."
}
]
}
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-912 Hidden Functionality"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://mads.uniud.it/2022/09/lord-of-the-orings/",
"refsource": "CONFIRM",
"url": "https://mads.uniud.it/2022/09/lord-of-the-orings/"
}
]
},
"source": {
"defect": [
"CERT@VDE#64203"
],
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "After every reboot telnet to the device and terminate the telnetd process (at least)"
}
]
}