nvd-json-data-feeds/CVE-2022/CVE-2022-30xx/CVE-2022-3073.json

{
  "id": "CVE-2022-3073",
  "sourceIdentifier": "info@cert.vde.com",
  "published": "2022-12-14T09:15:09.163",
  "lastModified": "2022-12-16T17:43:10.350",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Quanos \"SCHEMA ST4\" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to e.g. other web services in the same environment or execute scripts in the users browser environment. The affected script is '*-schema.js'."
    },
    {
      "lang": "es",
      "value": "Las plantillas web de ejemplo \"SCHEMA ST4\" de Quanos en la versi\u00f3n Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 o inferior son propensas a la inyecci\u00f3n de JavaScript, lo que permite a un atacante remoto secuestrar sesiones existentes para, por ejemplo, otros servicios web en el mismo entorno o ejecutar scripts. en el entorno del navegador de los usuarios. El script afectado es '*-schema.js'."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "info@cert.vde.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "CHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7
      }
    ]
  },
  "weaknesses": [
    {
      "source": "info@cert.vde.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:weidmueller:19_iot_md01_lan_h4_s0011_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "569CCEC3-FD10-4CE3-8B5C-AA63644AACD9"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:weidmueller:19_iot_md01_lan_h4_s0011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AB2397-1F99-4AE1-B7C6-26302A655126"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:weidmueller:fp_iot_md01_4eu_s2_00000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B41A83B-82CB-461D-82B8-CF498E009AB0"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:weidmueller:fp_iot_md01_4eu_s2_00000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "74320E31-A4A1-4225-A824-E631DD4AF03D"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:weidmueller:fp_iot_md01_lan_s2_00000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D503892C-05EE-4CA4-AFD0-5351D0FFA34E"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:weidmueller:fp_iot_md01_lan_s2_00000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D83BF8B-3E58-45E1-AF9D-1BBA686FDF71"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:weidmueller:fp_iot_md01_lan_s2_00011_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BE20F9E-D1C2-41DF-B1C4-D3A6980FF116"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:weidmueller:fp_iot_md01_lan_s2_00011:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC9BF29F-A06C-4351-8387-6683DD54C585"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:weidmueller:fp_iot_md02_4eu_s3_00000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A64FCB4-25DD-42D8-A917-DA8CDFCD01E7"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:weidmueller:fp_iot_md02_4eu_s3_00000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1960C0B-03ED-4ADF-90D7-01E011A4A295"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:weidmueller:iot-gw30_firmware:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "1.16.0",
              "matchCriteriaId": "AC22126E-97A4-402E-B272-5ED394EC49BA"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:weidmueller:iot-gw30:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B247B94B-4845-4FCC-81E1-4880A7B2B0FE"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:weidmueller:iot-gw30-4g-eu_firmware:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "1.16.0",
              "matchCriteriaId": "DC118184-9A46-407F-AB65-1E8CB53929D1"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:weidmueller:iot-gw30-4g-eu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BD44BDA-E67A-4088-AF77-55C0BEC5782B"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:weidmueller:uc20-wl2000-ac_firmware:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "1.16.0",
              "matchCriteriaId": "DCC60AC7-5AFA-4135-803B-1592A83FF57C"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:weidmueller:uc20-wl2000-ac:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAD85D18-1A66-487D-80B3-C5E1285685DD"
            }
          ]
        }
      ]
    },
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:weidmueller:uc20-wl2000-iot_firmware:*:*:*:*:*:*:*:*",
              "versionEndIncluding": "1.16.0",
              "matchCriteriaId": "8805CF5B-BB2C-497D-9033-03F0A580FAE1"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:weidmueller:uc20-wl2000-iot:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B98578B6-9F39-4616-A240-0A09832A0A92"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://cert.vde.com/de/advisories/VDE-2022-056/",
      "source": "info@cert.vde.com",
      "tags": [
        "Third Party Advisory"
      ]
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2022-3073",`
			`"sourceIdentifier": "info@cert.vde.com",`
			`"published": "2022-12-14T09:15:09.163",`
			`"lastModified": "2022-12-16T17:43:10.350",`
			`"vulnStatus": "Analyzed",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "Quanos \"SCHEMA ST4\" example web templates in version Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 or below are prone to JavaScript injection allowing a remote attacker to hijack existing sessions to e.g. other web services in the same environment or execute scripts in the users browser environment. The affected script is '*-schema.js'."`
Auto-Update: 2024-04-04T08:42:25.815847+00:00 2024-04-04 08:46:00 +00:00			`},`
			`{`
			`"lang": "es",`
			`"value": "Las plantillas web de ejemplo \"SCHEMA ST4\" de Quanos en la versi\u00f3n Bootstrap 2019 v2/2021 v1/2022 v1/2022 SP1 v1 o inferior son propensas a la inyecci\u00f3n de JavaScript, lo que permite a un atacante remoto secuestrar sesiones existentes para, por ejemplo, otros servicios web en el mismo entorno o ejecutar scripts. en el entorno del navegador de los usuarios. El script afectado es '*-schema.js'."`
bootstrap 2023-04-24 12:24:31 +02:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "info@cert.vde.com",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "REQUIRED",`
			`"scope": "CHANGED",`
			`"confidentialityImpact": "LOW",`
			`"integrityImpact": "LOW",`
			`"availabilityImpact": "NONE",`
			`"baseScore": 6.1,`
			`"baseSeverity": "MEDIUM"`
			`},`
			`"exploitabilityScore": 2.8,`
			`"impactScore": 2.7`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "info@cert.vde.com",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-79"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:weidmueller:19_iot_md01_lan_h4_s0011_firmware:-:::::::*",`
			`"matchCriteriaId": "569CCEC3-FD10-4CE3-8B5C-AA63644AACD9"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:weidmueller:19_iot_md01_lan_h4_s0011:-:::::::*",`
			`"matchCriteriaId": "F5AB2397-1F99-4AE1-B7C6-26302A655126"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:weidmueller:fp_iot_md01_4eu_s2_00000_firmware:-:::::::*",`
			`"matchCriteriaId": "3B41A83B-82CB-461D-82B8-CF498E009AB0"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:weidmueller:fp_iot_md01_4eu_s2_00000:-:::::::*",`
			`"matchCriteriaId": "74320E31-A4A1-4225-A824-E631DD4AF03D"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:weidmueller:fp_iot_md01_lan_s2_00000_firmware:-:::::::*",`
			`"matchCriteriaId": "D503892C-05EE-4CA4-AFD0-5351D0FFA34E"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:weidmueller:fp_iot_md01_lan_s2_00000:-:::::::*",`
			`"matchCriteriaId": "8D83BF8B-3E58-45E1-AF9D-1BBA686FDF71"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:weidmueller:fp_iot_md01_lan_s2_00011_firmware:-:::::::*",`
			`"matchCriteriaId": "4BE20F9E-D1C2-41DF-B1C4-D3A6980FF116"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:weidmueller:fp_iot_md01_lan_s2_00011:-:::::::*",`
			`"matchCriteriaId": "BC9BF29F-A06C-4351-8387-6683DD54C585"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:weidmueller:fp_iot_md02_4eu_s3_00000_firmware:-:::::::*",`
			`"matchCriteriaId": "9A64FCB4-25DD-42D8-A917-DA8CDFCD01E7"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:weidmueller:fp_iot_md02_4eu_s3_00000:-:::::::*",`
			`"matchCriteriaId": "C1960C0B-03ED-4ADF-90D7-01E011A4A295"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:weidmueller:iot-gw30_firmware::::::::",`
			`"versionEndIncluding": "1.16.0",`
			`"matchCriteriaId": "AC22126E-97A4-402E-B272-5ED394EC49BA"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:weidmueller:iot-gw30:-:::::::*",`
			`"matchCriteriaId": "B247B94B-4845-4FCC-81E1-4880A7B2B0FE"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:weidmueller:iot-gw30-4g-eu_firmware::::::::",`
			`"versionEndIncluding": "1.16.0",`
			`"matchCriteriaId": "DC118184-9A46-407F-AB65-1E8CB53929D1"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:weidmueller:iot-gw30-4g-eu:-:::::::*",`
			`"matchCriteriaId": "4BD44BDA-E67A-4088-AF77-55C0BEC5782B"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:weidmueller:uc20-wl2000-ac_firmware::::::::",`
			`"versionEndIncluding": "1.16.0",`
			`"matchCriteriaId": "DCC60AC7-5AFA-4135-803B-1592A83FF57C"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:weidmueller:uc20-wl2000-ac:-:::::::*",`
			`"matchCriteriaId": "BAD85D18-1A66-487D-80B3-C5E1285685DD"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:weidmueller:uc20-wl2000-iot_firmware::::::::",`
			`"versionEndIncluding": "1.16.0",`
			`"matchCriteriaId": "8805CF5B-BB2C-497D-9033-03F0A580FAE1"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:weidmueller:uc20-wl2000-iot:-:::::::*",`
			`"matchCriteriaId": "B98578B6-9F39-4616-A240-0A09832A0A92"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://cert.vde.com/de/advisories/VDE-2022-056/",`
			`"source": "info@cert.vde.com",`
			`"tags": [`
			`"Third Party Advisory"`
			`]`
			`}`
			`]`
			`}`