From 3a62f26b0d3444ded20281bacb6f535c24ead82d Mon Sep 17 00:00:00 2001
From: Jochen Becker <jochen.becker@becker-ikt.de>
Date: Wed, 10 Aug 2022 12:16:25 +0200
Subject: [PATCH] add 1 CVE

---
 2022/2xxx/CVE-2022-2242.json | 85 +++++++++++++++++++++++++++++++++---
 1 file changed, 79 insertions(+), 6 deletions(-)

diff --git a/2022/2xxx/CVE-2022-2242.json b/2022/2xxx/CVE-2022-2242.json
index 9866f9027a6..638376165fa 100644
--- a/2022/2xxx/CVE-2022-2242.json
+++ b/2022/2xxx/CVE-2022-2242.json
@@ -1,18 +1,91 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
+        "ASSIGNER": "info@cert.vde.com",
+        "DATE_PUBLIC": "2022-08-10T10:00:00.000Z",
         "ID": "CVE-2022-2242",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "STATE": "PUBLIC",
+        "TITLE": "KUKA V/KSS WoV SH access control vulnerability"
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "SystemSoftware V/KSS",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_name": "8.2",
+                                            "version_value": "8.6.5"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "KUKA"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as an unauthorized attacker can directly read and write robot configurations when access control is not available or not enabled (default)."
             }
         ]
+    },
+    "generator": {
+        "engine": "Vulnogram 0.0.9"
+    },
+    "impact": {
+        "cvss": {
+            "attackComplexity": "LOW",
+            "attackVector": "NETWORK",
+            "availabilityImpact": "HIGH",
+            "baseScore": 9.8,
+            "baseSeverity": "CRITICAL",
+            "confidentialityImpact": "HIGH",
+            "integrityImpact": "HIGH",
+            "privilegesRequired": "NONE",
+            "scope": "UNCHANGED",
+            "userInteraction": "NONE",
+            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+            "version": "3.1"
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-306 Missing Authentication for Critical Function"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "name": "https://www.kuka.com/advisories-CVE-2022-2242",
+                "refsource": "CONFIRM",
+                "url": "https://www.kuka.com/advisories-CVE-2022-2242"
+            }
+        ]
+    },
+    "source": {
+        "defect": [
+            "CERT@VDE#64153"
+        ],
+        "discovery": "UNKNOWN"
     }
 }
\ No newline at end of file