nvd-json-data-feeds/CVE-2022/CVE-2022-476xx/CVE-2022-47648.json

{
  "id": "CVE-2022-47648",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-02-08T21:15:10.707",
  "lastModified": "2023-03-07T20:15:08.917",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "** UNSUPPORTED WHEN ASSIGNED ** Bosch Security Systems B420 firmware 02.02.0001 employs IP based authorization in its authentication mechanism, allowing attackers to access the device as long as they are on the same network as a legitimate user."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "ADJACENT_NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ]
    }
  ],
  "configurations": [
    {
      "operator": "AND",
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:bosch:b420_firmware:02.02.0001:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B7DA704-7E31-42CE-894A-7F1F14208E14"
            }
          ]
        },
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": false,
              "criteria": "cpe:2.3:h:bosch:b420:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F84AE9E-DFCD-41BE-92B7-93501C756316"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://drive.google.com/drive/folders/16jvVFyp9RlHvXvq7qbOCjCs1jiAPT3i_?usp=sharing",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://pastebin.com/raw/0CGTpiEn",
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ]
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2022-47648",`
			`"sourceIdentifier": "cve@mitre.org",`
			`"published": "2023-02-08T21:15:10.707",`
			`"lastModified": "2023-03-07T20:15:08.917",`
			`"vulnStatus": "Modified",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": " UNSUPPORTED WHEN ASSIGNED Bosch Security Systems B420 firmware 02.02.0001 employs IP based authorization in its authentication mechanism, allowing attackers to access the device as long as they are on the same network as a legitimate user."`
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",`
			`"attackVector": "ADJACENT_NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 8.8,`
			`"baseSeverity": "HIGH"`
			`},`
			`"exploitabilityScore": 2.8,`
			`"impactScore": 5.9`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-863"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"operator": "AND",`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:o:bosch:b420_firmware:02.02.0001:::::::*",`
			`"matchCriteriaId": "9B7DA704-7E31-42CE-894A-7F1F14208E14"`
			`}`
			`]`
			`},`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": false,`
			`"criteria": "cpe:2.3:h:bosch:b420:-:::::::*",`
			`"matchCriteriaId": "5F84AE9E-DFCD-41BE-92B7-93501C756316"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://drive.google.com/drive/folders/16jvVFyp9RlHvXvq7qbOCjCs1jiAPT3i_?usp=sharing",`
			`"source": "cve@mitre.org",`
			`"tags": [`
			`"Third Party Advisory"`
			`]`
			`},`
			`{`
			`"url": "https://pastebin.com/raw/0CGTpiEn",`
			`"source": "cve@mitre.org",`
			`"tags": [`
			`"Third Party Advisory"`
			`]`
			`}`
			`]`
			`}`