From 94beee3f5777f47c82f2f199d61c21a1f4224108 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 12 Jul 2022 13:48:05 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/38xxx/CVE-2021-38289.json | 61 ++++++++++++++++++++++++++++++---- 2021/44xxx/CVE-2021-44221.json | 5 +-- 2021/44xxx/CVE-2021-44222.json | 5 +-- 2022/25xxx/CVE-2022-25622.json | 2 +- 2022/26xxx/CVE-2022-26647.json | 5 +-- 2022/26xxx/CVE-2022-26648.json | 5 +-- 2022/26xxx/CVE-2022-26649.json | 5 +-- 2022/27xxx/CVE-2022-27241.json | 2 +- 2022/29xxx/CVE-2022-29560.json | 5 +-- 2022/29xxx/CVE-2022-29884.json | 5 +-- 2022/29xxx/CVE-2022-29931.json | 2 +- 2022/2xxx/CVE-2022-2389.json | 18 ++++++++++ 2022/2xxx/CVE-2022-2390.json | 18 ++++++++++ 2022/30xxx/CVE-2022-30938.json | 5 +-- 2022/31xxx/CVE-2022-31257.json | 5 +-- 2022/33xxx/CVE-2022-33137.json | 5 +-- 2022/33xxx/CVE-2022-33138.json | 5 +-- 2022/33xxx/CVE-2022-33736.json | 7 ++-- 2022/34xxx/CVE-2022-34272.json | 5 +-- 2022/34xxx/CVE-2022-34273.json | 7 ++-- 2022/34xxx/CVE-2022-34274.json | 7 ++-- 2022/34xxx/CVE-2022-34275.json | 7 ++-- 2022/34xxx/CVE-2022-34276.json | 7 ++-- 2022/34xxx/CVE-2022-34277.json | 7 ++-- 2022/34xxx/CVE-2022-34278.json | 5 +-- 2022/34xxx/CVE-2022-34279.json | 7 ++-- 2022/34xxx/CVE-2022-34280.json | 5 +-- 2022/34xxx/CVE-2022-34281.json | 5 +-- 2022/34xxx/CVE-2022-34282.json | 5 +-- 2022/34xxx/CVE-2022-34283.json | 5 +-- 2022/34xxx/CVE-2022-34284.json | 7 ++-- 2022/34xxx/CVE-2022-34285.json | 5 +-- 2022/34xxx/CVE-2022-34286.json | 5 +-- 2022/34xxx/CVE-2022-34287.json | 5 +-- 2022/34xxx/CVE-2022-34288.json | 5 +-- 2022/34xxx/CVE-2022-34289.json | 5 +-- 2022/34xxx/CVE-2022-34290.json | 5 +-- 2022/34xxx/CVE-2022-34291.json | 5 +-- 2022/34xxx/CVE-2022-34464.json | 5 +-- 2022/34xxx/CVE-2022-34465.json | 5 +-- 2022/34xxx/CVE-2022-34466.json | 5 +-- 2022/34xxx/CVE-2022-34467.json | 5 +-- 2022/34xxx/CVE-2022-34663.json | 7 ++-- 2022/34xxx/CVE-2022-34748.json | 5 +-- 2022/34xxx/CVE-2022-34819.json | 5 +-- 2022/34xxx/CVE-2022-34820.json | 5 +-- 2022/34xxx/CVE-2022-34821.json | 5 +-- 47 files changed, 226 insertions(+), 100 deletions(-) create mode 100644 2022/2xxx/CVE-2022-2389.json create mode 100644 2022/2xxx/CVE-2022-2390.json diff --git a/2021/38xxx/CVE-2021-38289.json b/2021/38xxx/CVE-2021-38289.json index c22be9496d3..a374010dfbd 100644 --- a/2021/38xxx/CVE-2021-38289.json +++ b/2021/38xxx/CVE-2021-38289.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-38289", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-38289", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker privilege escalation and allows attackers to view corporate information and SMTP server details, delete users, view roles, and other unspecified impacts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/viperbluff/Novastar-VNNOX-iCare-Privilege-Escalation", + "refsource": "MISC", + "name": "https://github.com/viperbluff/Novastar-VNNOX-iCare-Privilege-Escalation" + }, + { + "refsource": "MISC", + "name": "https://twitter.com/viperbluff/status/1439941380244230150?s=20&t=iPSn8eNxaxUKis5OKSQJRQ", + "url": "https://twitter.com/viperbluff/status/1439941380244230150?s=20&t=iPSn8eNxaxUKis5OKSQJRQ" } ] } diff --git a/2021/44xxx/CVE-2021-44221.json b/2021/44xxx/CVE-2021-44221.json index f91face31d9..678a8eb7512 100644 --- a/2021/44xxx/CVE-2021-44221.json +++ b/2021/44xxx/CVE-2021-44221.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-580125.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-580125.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-580125.pdf" } ] } diff --git a/2021/44xxx/CVE-2021-44222.json b/2021/44xxx/CVE-2021-44222.json index a5f40f8cbea..d27a9200545 100644 --- a/2021/44xxx/CVE-2021-44222.json +++ b/2021/44xxx/CVE-2021-44222.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-580125.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-580125.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-580125.pdf" } ] } diff --git a/2022/25xxx/CVE-2022-25622.json b/2022/25xxx/CVE-2022-25622.json index 09b75cf47b9..d4dca1fef6f 100644 --- a/2022/25xxx/CVE-2022-25622.json +++ b/2022/25xxx/CVE-2022-25622.json @@ -456,7 +456,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in SIMATIC CFU DIQ (All versions), SIMATIC CFU PA (All versions), SIMATIC ET200AL IM157-1 PN (All versions), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 MF HF (All versions), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC PN/MF Coupler (All versions), SIMATIC PN/PN Coupler (All versions >= 4.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX (All versions), SIMIT Simulation Platform (All versions), SINAMICS DCM (All versions with Ethernet interface), SINAMICS G110M (All versions with Ethernet interface), SINAMICS G115D (All versions with Ethernet interface), SINAMICS G120 (incl. SIPLUS variants) (All versions with Ethernet interface), SINAMICS G130 (All versions), SINAMICS G150 (All versions), SINAMICS S110 (All versions with Ethernet interface), SINAMICS S120 (incl. SIPLUS variants) (All versions), SINAMICS S150 (All versions), SINAMICS S210 (All versions), SINAMICS V90 (All versions with Ethernet interface), SIPLUS HCS4200 CIM4210 (All versions), SIPLUS HCS4200 CIM4210C (All versions), SIPLUS HCS4300 CIM4310 (All versions), SIPLUS NET PN/PN Coupler (All versions >= 4.2). The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined.\n\nThis could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments." + "value": "A vulnerability has been identified in SIMATIC CFU DIQ (All versions), SIMATIC CFU PA (All versions), SIMATIC ET200AL IM157-1 PN (All versions), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 MF HF (All versions), SIMATIC ET200SP IM155-6 PN HA (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/2 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200SP IM155-6 PN/3 HF (incl. SIPLUS variants) (All versions >= V4.2), SIMATIC ET200ecoPN, CM 8x IO-Link, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 16x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DI 8x24VDC, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DIQ 16x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/0,5A, M12-L (All versions >= V5.1.1), SIMATIC ET200ecoPN, DQ 8x24VDC/2A, M12-L (All versions >= V5.1.1), SIMATIC PN/MF Coupler (All versions), SIMATIC PN/PN Coupler (All versions >= 4.2), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.0.0), SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V10 CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-410 V8 CPU family (incl. SIPLUS variants) (All versions), SIMATIC TDC CP51M1 (All versions), SIMATIC TDC CPU555 (All versions), SIMATIC WinAC RTX (All versions), SIMIT Simulation Platform (All versions), SINAMICS DCM (All versions with Ethernet interface), SINAMICS G110M (All versions with Ethernet interface), SINAMICS G115D (All versions with Ethernet interface), SINAMICS G120 (incl. SIPLUS variants) (All versions with Ethernet interface), SINAMICS G130 (All versions), SINAMICS G150 (All versions), SINAMICS S110 (All versions with Ethernet interface), SINAMICS S120 (incl. SIPLUS variants) (All versions), SINAMICS S150 (All versions), SINAMICS S210 (All versions), SINAMICS V90 (All versions with Ethernet interface), SIPLUS HCS4200 CIM4210 (All versions), SIPLUS HCS4200 CIM4210C (All versions), SIPLUS HCS4300 CIM4310 (All versions), SIPLUS NET PN/PN Coupler (All versions >= 4.2). The PROFINET (PNIO) stack, when integrated with the Interniche IP stack, improperly handles internal resources for TCP segments where the minimum TCP-Header length is less than defined. This could allow an attacker to create a denial of service condition for TCP services on affected devices by sending specially crafted TCP segments." } ] }, diff --git a/2022/26xxx/CVE-2022-26647.json b/2022/26xxx/CVE-2022-26647.json index 942eae19314..35d903764d7 100644 --- a/2022/26xxx/CVE-2022-26647.json +++ b/2022/26xxx/CVE-2022-26647.json @@ -423,8 +423,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf" } ] } diff --git a/2022/26xxx/CVE-2022-26648.json b/2022/26xxx/CVE-2022-26648.json index 83187090c6e..316d17707ec 100644 --- a/2022/26xxx/CVE-2022-26648.json +++ b/2022/26xxx/CVE-2022-26648.json @@ -423,8 +423,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf" } ] } diff --git a/2022/26xxx/CVE-2022-26649.json b/2022/26xxx/CVE-2022-26649.json index 0ddc3e4869d..4fc3718a463 100644 --- a/2022/26xxx/CVE-2022-26649.json +++ b/2022/26xxx/CVE-2022-26649.json @@ -423,8 +423,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-310038.pdf" } ] } diff --git a/2022/27xxx/CVE-2022-27241.json b/2022/27xxx/CVE-2022-27241.json index a86cdcca170..9b618bf26ab 100644 --- a/2022/27xxx/CVE-2022-27241.json +++ b/2022/27xxx/CVE-2022-27241.json @@ -76,7 +76,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.11), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). Applications built with an affected system publicly expose the internal project structure.\nThis could allow an unauthenticated remote attacker to read confidential information." + "value": "A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.31), Mendix Applications using Mendix 8 (All versions < V8.18.18), Mendix Applications using Mendix 9 (All versions < V9.11), Mendix Applications using Mendix 9 (V9.6) (All versions < V9.6.12). Applications built with an affected system publicly expose the internal project structure. This could allow an unauthenticated remote attacker to read confidential information." } ] }, diff --git a/2022/29xxx/CVE-2022-29560.json b/2022/29xxx/CVE-2022-29560.json index f9cdfb0c6b2..940c896b8a5 100644 --- a/2022/29xxx/CVE-2022-29560.json +++ b/2022/29xxx/CVE-2022-29560.json @@ -153,8 +153,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599506.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-599506.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-599506.pdf" } ] } diff --git a/2022/29xxx/CVE-2022-29884.json b/2022/29xxx/CVE-2022-29884.json index 25b5cf3f781..2162d98606e 100644 --- a/2022/29xxx/CVE-2022-29884.json +++ b/2022/29xxx/CVE-2022-29884.json @@ -83,8 +83,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491621.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-491621.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-491621.pdf" } ] } diff --git a/2022/29xxx/CVE-2022-29931.json b/2022/29xxx/CVE-2022-29931.json index 5df2d8d2998..aefeefe7781 100644 --- a/2022/29xxx/CVE-2022-29931.json +++ b/2022/29xxx/CVE-2022-29931.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Raytion 7.2.0 allows reflected Cross-site Scripting (XSS)." + "value": "The administration interface of the Raytion Custom Security Manager (Raytion CSM) in Version 7.2.0 allows reflected Cross-site Scripting (XSS)." } ] }, diff --git a/2022/2xxx/CVE-2022-2389.json b/2022/2xxx/CVE-2022-2389.json new file mode 100644 index 00000000000..73046dd30f9 --- /dev/null +++ b/2022/2xxx/CVE-2022-2389.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-2389", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/2xxx/CVE-2022-2390.json b/2022/2xxx/CVE-2022-2390.json new file mode 100644 index 00000000000..b569fd2d620 --- /dev/null +++ b/2022/2xxx/CVE-2022-2390.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-2390", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/30xxx/CVE-2022-30938.json b/2022/30xxx/CVE-2022-30938.json index 494d70feba1..5e9efddd54d 100644 --- a/2022/30xxx/CVE-2022-30938.json +++ b/2022/30xxx/CVE-2022-30938.json @@ -93,8 +93,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865333.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865333.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-865333.pdf" } ] } diff --git a/2022/31xxx/CVE-2022-31257.json b/2022/31xxx/CVE-2022-31257.json index f4f5e7e20ec..a5b8387b938 100644 --- a/2022/31xxx/CVE-2022-31257.json +++ b/2022/31xxx/CVE-2022-31257.json @@ -93,8 +93,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433782.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-433782.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-433782.pdf" } ] } diff --git a/2022/33xxx/CVE-2022-33137.json b/2022/33xxx/CVE-2022-33137.json index 7398b9bd71f..53d9fdf0af2 100644 --- a/2022/33xxx/CVE-2022-33137.json +++ b/2022/33xxx/CVE-2022-33137.json @@ -103,8 +103,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf" } ] } diff --git a/2022/33xxx/CVE-2022-33138.json b/2022/33xxx/CVE-2022-33138.json index 74ef0080689..d87a8c4c032 100644 --- a/2022/33xxx/CVE-2022-33138.json +++ b/2022/33xxx/CVE-2022-33138.json @@ -103,8 +103,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-348662.pdf" } ] } diff --git a/2022/33xxx/CVE-2022-33736.json b/2022/33xxx/CVE-2022-33736.json index 3d5107f0c00..fefc3f44267 100644 --- a/2022/33xxx/CVE-2022-33736.json +++ b/2022/33xxx/CVE-2022-33736.json @@ -56,15 +56,16 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing users or allow unauthenticated remote attackers to successfully login without credentials." + "value": "A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing users or allow unauthenticated remote attackers to successfully login without credentials." } ] }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944952.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-944952.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-944952.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34272.json b/2022/34xxx/CVE-2022-34272.json index 002a9e8fec7..03348148995 100644 --- a/2022/34xxx/CVE-2022-34272.json +++ b/2022/34xxx/CVE-2022-34272.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34273.json b/2022/34xxx/CVE-2022-34273.json index 0ccbb6fc4d6..4ac56db1cd5 100644 --- a/2022/34xxx/CVE-2022-34273.json +++ b/2022/34xxx/CVE-2022-34273.json @@ -46,15 +46,16 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-038)" + "value": "A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-038)" } ] }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34274.json b/2022/34xxx/CVE-2022-34274.json index d1ed8f6994b..0b672b9bfe5 100644 --- a/2022/34xxx/CVE-2022-34274.json +++ b/2022/34xxx/CVE-2022-34274.json @@ -46,15 +46,16 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-039)" + "value": "A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-039)" } ] }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34275.json b/2022/34xxx/CVE-2022-34275.json index 6486089f505..5281d1cc1c2 100644 --- a/2022/34xxx/CVE-2022-34275.json +++ b/2022/34xxx/CVE-2022-34275.json @@ -46,15 +46,16 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-040)" + "value": "A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-040)" } ] }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34276.json b/2022/34xxx/CVE-2022-34276.json index 8f9f74445cc..28e7985f0d1 100644 --- a/2022/34xxx/CVE-2022-34276.json +++ b/2022/34xxx/CVE-2022-34276.json @@ -46,15 +46,16 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-041)" + "value": "A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-041)" } ] }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34277.json b/2022/34xxx/CVE-2022-34277.json index b1fdb5abbaf..f1e0c8a9f95 100644 --- a/2022/34xxx/CVE-2022-34277.json +++ b/2022/34xxx/CVE-2022-34277.json @@ -46,15 +46,16 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-042)" + "value": "A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-042)" } ] }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34278.json b/2022/34xxx/CVE-2022-34278.json index 35f5b38f9ab..10508ad6294 100644 --- a/2022/34xxx/CVE-2022-34278.json +++ b/2022/34xxx/CVE-2022-34278.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34279.json b/2022/34xxx/CVE-2022-34279.json index 5015587f40d..f21b3957f5b 100644 --- a/2022/34xxx/CVE-2022-34279.json +++ b/2022/34xxx/CVE-2022-34279.json @@ -46,15 +46,16 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-044)" + "value": "A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing PCB files. An attacker could leverage this vulnerability to execute code in the context of the current process. (FG-VD-22-044)" } ] }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34280.json b/2022/34xxx/CVE-2022-34280.json index f9257983035..7cf67469e64 100644 --- a/2022/34xxx/CVE-2022-34280.json +++ b/2022/34xxx/CVE-2022-34280.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34281.json b/2022/34xxx/CVE-2022-34281.json index 4200c71775e..2dd337400f9 100644 --- a/2022/34xxx/CVE-2022-34281.json +++ b/2022/34xxx/CVE-2022-34281.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34282.json b/2022/34xxx/CVE-2022-34282.json index 65d78205187..5d33d121eed 100644 --- a/2022/34xxx/CVE-2022-34282.json +++ b/2022/34xxx/CVE-2022-34282.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34283.json b/2022/34xxx/CVE-2022-34283.json index a7141cae3e8..d0acc94aa41 100644 --- a/2022/34xxx/CVE-2022-34283.json +++ b/2022/34xxx/CVE-2022-34283.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34284.json b/2022/34xxx/CVE-2022-34284.json index 5140314eb71..ebf69899448 100644 --- a/2022/34xxx/CVE-2022-34284.json +++ b/2022/34xxx/CVE-2022-34284.json @@ -46,15 +46,16 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-049)" + "value": "A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-049)" } ] }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34285.json b/2022/34xxx/CVE-2022-34285.json index b1852950f45..1b1afcbc964 100644 --- a/2022/34xxx/CVE-2022-34285.json +++ b/2022/34xxx/CVE-2022-34285.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34286.json b/2022/34xxx/CVE-2022-34286.json index dfb93da699c..f1309e9a99b 100644 --- a/2022/34xxx/CVE-2022-34286.json +++ b/2022/34xxx/CVE-2022-34286.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34287.json b/2022/34xxx/CVE-2022-34287.json index 1e4a7f39b96..bd9395b8b7c 100644 --- a/2022/34xxx/CVE-2022-34287.json +++ b/2022/34xxx/CVE-2022-34287.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34288.json b/2022/34xxx/CVE-2022-34288.json index 1f92abfa12a..4b06f5e210a 100644 --- a/2022/34xxx/CVE-2022-34288.json +++ b/2022/34xxx/CVE-2022-34288.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34289.json b/2022/34xxx/CVE-2022-34289.json index 9afd0885352..aa2f589c41f 100644 --- a/2022/34xxx/CVE-2022-34289.json +++ b/2022/34xxx/CVE-2022-34289.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34290.json b/2022/34xxx/CVE-2022-34290.json index b9dc29d1be7..40fb6c7ace3 100644 --- a/2022/34xxx/CVE-2022-34290.json +++ b/2022/34xxx/CVE-2022-34290.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34291.json b/2022/34xxx/CVE-2022-34291.json index e69794354c5..ea0504b75c4 100644 --- a/2022/34xxx/CVE-2022-34291.json +++ b/2022/34xxx/CVE-2022-34291.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-439148.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34464.json b/2022/34xxx/CVE-2022-34464.json index 14cbf4983d9..01b9ac4548d 100644 --- a/2022/34xxx/CVE-2022-34464.json +++ b/2022/34xxx/CVE-2022-34464.json @@ -83,8 +83,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-225578.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-225578.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-225578.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34465.json b/2022/34xxx/CVE-2022-34465.json index f6e793bd9bb..44ae38e747a 100644 --- a/2022/34xxx/CVE-2022-34465.json +++ b/2022/34xxx/CVE-2022-34465.json @@ -83,8 +83,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-243317.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-243317.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-243317.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34466.json b/2022/34xxx/CVE-2022-34466.json index 8ed588fe751..de6958e2d71 100644 --- a/2022/34xxx/CVE-2022-34466.json +++ b/2022/34xxx/CVE-2022-34466.json @@ -63,8 +63,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-492173.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-492173.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-492173.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34467.json b/2022/34xxx/CVE-2022-34467.json index 7c8a2c85953..a1cc108bc95 100644 --- a/2022/34xxx/CVE-2022-34467.json +++ b/2022/34xxx/CVE-2022-34467.json @@ -63,8 +63,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-610768.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-610768.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-610768.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34663.json b/2022/34xxx/CVE-2022-34663.json index d86158d717a..f00a5d440b9 100644 --- a/2022/34xxx/CVE-2022-34663.json +++ b/2022/34xxx/CVE-2022-34663.json @@ -586,15 +586,16 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). Affected devices are vulnerable to a web-based code injection attack via the console.\n\nAn attacker could exploit this vulnerability to inject code into the web server and cause malicious behavior in legitimate users accessing certain web resources on the affected\ndevice." + "value": "A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions), RUGGEDCOM ROS M2200 (All versions), RUGGEDCOM ROS M969 (All versions), RUGGEDCOM ROS RMC (All versions), RUGGEDCOM ROS RMC20 (All versions), RUGGEDCOM ROS RMC30 (All versions), RUGGEDCOM ROS RMC40 (All versions), RUGGEDCOM ROS RMC41 (All versions), RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RP110 (All versions), RUGGEDCOM ROS RS400 (All versions), RUGGEDCOM ROS RS401 (All versions), RUGGEDCOM ROS RS416 (All versions), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS8000 (All versions), RUGGEDCOM ROS RS8000A (All versions), RUGGEDCOM ROS RS8000H (All versions), RUGGEDCOM ROS RS8000T (All versions), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (All versions), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900GP (All versions), RUGGEDCOM ROS RS900L (All versions), RUGGEDCOM ROS RS900W (All versions), RUGGEDCOM ROS RS910 (All versions), RUGGEDCOM ROS RS910L (All versions), RUGGEDCOM ROS RS910W (All versions), RUGGEDCOM ROS RS920L (All versions), RUGGEDCOM ROS RS920W (All versions), RUGGEDCOM ROS RS930L (All versions), RUGGEDCOM ROS RS930W (All versions), RUGGEDCOM ROS RS940G (All versions), RUGGEDCOM ROS RS969 (All versions), RUGGEDCOM ROS RSG2100 (All versions), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100P (All versions), RUGGEDCOM ROS RSG2200 (All versions), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < V5.6.0), RUGGEDCOM ROS RST2228 (All versions < V5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < V5.6.0), RUGGEDCOM ROS RST916P (All versions < V5.6.0), RUGGEDCOM ROS i800 (All versions), RUGGEDCOM ROS i801 (All versions), RUGGEDCOM ROS i802 (All versions), RUGGEDCOM ROS i803 (All versions). Affected devices are vulnerable to a web-based code injection attack via the console. An attacker could exploit this vulnerability to inject code into the web server and cause malicious behavior in legitimate users accessing certain web resources on the affected device." } ] }, "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840800.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-840800.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-840800.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34748.json b/2022/34xxx/CVE-2022-34748.json index fcc4cf37aeb..9e266055621 100644 --- a/2022/34xxx/CVE-2022-34748.json +++ b/2022/34xxx/CVE-2022-34748.json @@ -53,8 +53,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-474231.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-474231.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-474231.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34819.json b/2022/34xxx/CVE-2022-34819.json index 842e08867d0..3286f3aa98e 100644 --- a/2022/34xxx/CVE-2022-34819.json +++ b/2022/34xxx/CVE-2022-34819.json @@ -193,8 +193,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34820.json b/2022/34xxx/CVE-2022-34820.json index 893e59879f9..e90a8ba2839 100644 --- a/2022/34xxx/CVE-2022-34820.json +++ b/2022/34xxx/CVE-2022-34820.json @@ -193,8 +193,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf" } ] } diff --git a/2022/34xxx/CVE-2022-34821.json b/2022/34xxx/CVE-2022-34821.json index 5aece5fc83b..2c2b0ce9e21 100644 --- a/2022/34xxx/CVE-2022-34821.json +++ b/2022/34xxx/CVE-2022-34821.json @@ -193,8 +193,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf" + "refsource": "MISC", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf", + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-517377.pdf" } ] }