admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-08 19:46:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Siemens AD-2022-09

Browse Source
This commit is contained in:
Siemens ProductCERT 2022-09-13 11:32:40 +02:00
parent 94af0491ab
commit fe43688852
27 changed files with 7900 additions and 181 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
2022/34xxx/CVE-2022-34465.json
View File

@ -45,11 +45,21 @@
}
},
{
"product_name": "Simcenter Femap",
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions"
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
@ -76,7 +86,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.250), Parasolid V34.1 (All versions < V34.1.233), Simcenter Femap (All versions). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15420)"
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.250), Parasolid V34.1 (All versions < V34.1.233), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds read past the end of an allocated structure while parsing specially crafted NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15420)"
}
]
},

1778
2022/36xxx/CVE-2022-36323.json
View File

File diff suppressed because it is too large Load Diff

1734
2022/36xxx/CVE-2022-36324.json
View File

File diff suppressed because it is too large Load Diff

1778
2022/36xxx/CVE-2022-36325.json
View File

File diff suppressed because it is too large Load Diff

75
2022/37xxx/CVE-2022-37011.json
View File

@ -1,17 +1,80 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-37011",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-37011",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Mendix SAML Module (Mendix 7 compatible)",
"version": {
"version_data": [
{
"version_value": "All versions < V1.17.0"
}
]
}
},
{
"product_name": "Mendix SAML Module (Mendix 8 compatible)",
"version": {
"version_data": [
{
"version_value": "All versions < V2.3.0"
}
]
}
},
{
"product_name": "Mendix SAML Module (Mendix 9 compatible)",
"version": {
"version_data": [
{
"version_value": "All versions < V3.3.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-294: Authentication Bypass by Capture-replay"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Mendix SAML Module (Mendix 7 compatible) (All versions < V1.17.0), Mendix SAML Module (Mendix 8 compatible) (All versions < V2.3.0), Mendix SAML Module (Mendix 9 compatible) (All versions < V3.3.1). Affected versions of the module insufficiently protect from packet capture replay. This could allow unauthorized remote attackers to bypass authentication and get access to the application.\n\nFor compatibility reasons, fix versions still contain this issue, but only when the not recommended, non default configuration option `'Allow Idp Initiated Authentication'` is enabled."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-638652.pdf"
}
]
}

55
2022/38xxx/CVE-2022-38466.json
View File

@ -1,17 +1,60 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-38466",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-38466",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "CoreShield One-Way Gateway (OWG) Software",
"version": {
"version_data": [
{
"version_value": "All versions < V2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in CoreShield One-Way Gateway (OWG) Software (All versions < V2.2). The default installation sets insecure file permissions that could allow a local attacker to escalate privileges to local administrator."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-589975.pdf"
}
]
}

105
2022/39xxx/CVE-2022-39137.json
View File

@ -1,17 +1,110 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39137",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39137",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17276)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

105
2022/39xxx/CVE-2022-39138.json
View File

@ -1,17 +1,110 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39138",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39138",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17284)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

105
2022/39xxx/CVE-2022-39139.json
View File

@ -1,17 +1,110 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39139",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39139",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17289)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

105
2022/39xxx/CVE-2022-39140.json
View File

@ -1,17 +1,110 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39140",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39140",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17292)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

105
2022/39xxx/CVE-2022-39141.json
View File

@ -1,17 +1,110 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39141",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39141",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-17296)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39142.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39142",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39142",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17485)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39143.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39143",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39143",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17493)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39144.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39144",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39144",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17494)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39145.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39145",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39145",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17496)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39146.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39146",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39146",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-824: Access of Uninitialized Pointer"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17502)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39147.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39147",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39147",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-824: Access of Uninitialized Pointer"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted X_T files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-17506)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39148.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39148",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39148",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17513)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39149.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39149",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39149",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17733)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39150.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39150",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39150",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17735)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39151.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39151",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39151",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17736)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39152.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39152",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39152",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17740)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39153.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39153",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39153",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18187)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39154.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39154",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39154",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18188)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39155.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39155",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39155",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18192)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

125
2022/39xxx/CVE-2022-39156.json
View File

@ -1,17 +1,130 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39156",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39156",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions < V33.1.262"
}
]
}
},
{
"product_name": "Parasolid V33.1",
"version": {
"version_data": [
{
"version_value": "All versions >= V33.1.262 < V33.1.263"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_value": "All versions < V34.0.252"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_value": "All versions < V34.1.242"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions < V35.0.161"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_value": "All versions >= V35.0.161 < V35.0.164"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.1",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.1.3"
}
]
}
},
{
"product_name": "Simcenter Femap V2022.2",
"version": {
"version_data": [
{
"version_value": "All versions < V2022.2.2"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262), Parasolid V33.1 (All versions >= V33.1.262 < V33.1.263), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.161), Parasolid V35.0 (All versions >= V35.0.161 < V35.0.164), Simcenter Femap V2022.1 (All versions < V2022.1.3), Simcenter Femap V2022.2 (All versions < V2022.2.2). The affected application is vulnerable to out of bounds read past the end of an allocated buffer when parsing X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-18196)"
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-518824.pdf"
}
]
}

245
2022/39xxx/CVE-2022-39158.json
View File

@ -1,17 +1,250 @@
{
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-39158",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39158",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "RUGGEDCOM ROS RMC8388",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RS416Pv2",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RS416v2",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RS900 (32M)",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RS900G (32M)",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RSG2100 (32M)",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RSG2288",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RSG2300",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RSG2300P",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RSG2488",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RSG907R",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RSG908C",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RSG909R",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RSG910C",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RSG920P",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RSL910",
"version": {
"version_data": [
{
"version_value": "All versions < v5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RST2228",
"version": {
"version_data": [
{
"version_value": "All versions < v5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RST2228P",
"version": {
"version_data": [
{
"version_value": "All versions < V5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RST916C",
"version": {
"version_data": [
{
"version_value": "All versions < v5.6.0"
}
]
}
},
{
"product_name": "RUGGEDCOM ROS RST916P",
"version": {
"version_data": [
{
"version_value": "All versions < v5.6.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in RUGGEDCOM ROS RMC8388 (All versions < V5.6.0), RUGGEDCOM ROS RS416Pv2 (All versions < V5.6.0), RUGGEDCOM ROS RS416v2 (All versions < V5.6.0), RUGGEDCOM ROS RS900 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RS900G (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2100 (32M) (All versions < V5.6.0), RUGGEDCOM ROS RSG2288 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300 (All versions < V5.6.0), RUGGEDCOM ROS RSG2300P (All versions < V5.6.0), RUGGEDCOM ROS RSG2488 (All versions < V5.6.0), RUGGEDCOM ROS RSG907R (All versions < V5.6.0), RUGGEDCOM ROS RSG908C (All versions < V5.6.0), RUGGEDCOM ROS RSG909R (All versions < V5.6.0), RUGGEDCOM ROS RSG910C (All versions < V5.6.0), RUGGEDCOM ROS RSG920P (All versions < V5.6.0), RUGGEDCOM ROS RSL910 (All versions < v5.6.0), RUGGEDCOM ROS RST2228 (All versions < v5.6.0), RUGGEDCOM ROS RST2228P (All versions < V5.6.0), RUGGEDCOM ROS RST916C (All versions < v5.6.0), RUGGEDCOM ROS RST916P (All versions < v5.6.0). Affected devices improperly handle partial HTTP requests which makes them vulnerable to slowloris attacks.\n\nThis could allow a remote attacker to create a denial of service condition that persists until the attack ends."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-459643.pdf"
}
]
}