admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 09:41:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-251xx/CVE-2022-25157.json

559 lines
19 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2022-25157",
"sourceIdentifier": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"published": "2022-04-01T23:15:14.297",
Auto-Update: 2024-11-23T15:09:04.070866+00:00
2024-11-23 15:12:23 +00:00
"lastModified": "2024-11-21T06:51:42.840",
bootstrap
2023-04-24 12:24:31 +02:00
"vulnStatus": "Modified",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"cveTags": [],
bootstrap
2023-04-24 12:24:31 +02:00
"descriptions": [
{
"lang": "en",
"value": "Use of Password Hash Instead of Password for Authentication vulnerability in Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU all versions, Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU all versions, Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU all versions, Mitsubishi Electric MELSEC iQ-R series R04/08/16/32/120(EN)CPU all versions, Mitsubishi Electric MELSEC iQ-R series R08/16/32/120SFCPU all versions, Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PCPU all versions, Mitsubishi Electric MELSEC iQ-R series R08/16/32/120PSFCPU all versions, Mitsubishi Electric MELSEC iQ-R series R16/32/64MTCPU all versions, Mitsubishi Electric MELSEC iQ-R series RJ71C24(-R2/R4) all versions, Mitsubishi Electric MELSEC iQ-R series RJ71EN71 all versions, Mitsubishi Electric MELSEC iQ-R series RJ71GF11-T2 all versions, Mitsubishi Electric MELSEC iQ-R series RJ71GP21(S)-SX all versions, Mitsubishi Electric MELSEC iQ-R series RJ72GF15-T2 all versions, Mitsubishi Electric MELSEC Q series Q03UDECPU all versions, Mitsubishi Electric MELSEC Q series Q04/06/10/13/20/26/50/100UDEHCPU all versions, Mitsubishi Electric MELSEC Q series Q03/04/06/13/26UDVCPU all versions, Mitsubishi Electric MELSEC Q series Q04/06/13/26UDPVCPU all versions, Mitsubishi Electric MELSEC Q series QJ71C24N(-R2/R4) all versions, Mitsubishi Electric MELSEC Q series QJ71E71-100 all versions, Mitsubishi Electric MELSEC L series L02/06/26CPU(-P) all versions, Mitsubishi Electric MELSEC L series L26CPU-(P)BT all versions, Mitsubishi Electric MELSEC L series LJ71C24(-R2) all versions, Mitsubishi Electric MELSEC L series LJ71E71-100 all versions and Mitsubishi Electric MELSEC L series LJ72GF15-T2 all versions allows a remote unauthenticated attacker to disclose or tamper with the information in the product by using an eavesdropped password hash."
},
{
"lang": "es",
"value": "Vulnerabilidad en el uso del hash de la contrase\u00f1a en lugar de la contrase\u00f1a para la autenticaci\u00f3n en Mitsubishi Electric MELSEC iQ-F series FX5U(C) CPU todas las versiones, Mitsubishi Electric MELSEC iQ-F series FX5UJ CPU todas las versiones, Mitsubishi Electric MELSEC iQ-R series R00/01/02CPU todas las versiones, Mitsubishi Electric MELSEC iQ-R series R04/08/16/32/120(ES)CPU todas las versiones, Mitsubishi Electric MELSEC iQ-R series R08/16/32/120SFCPU todas las versiones, Mitsubishi Electric MELSEC iQ-R serie R08/16/32/120PCPU todas las versiones, Mitsubishi Electric MELSEC iQ-R serie R08/16/32/120PSFCPU todas las versiones, Mitsubishi Electric MELSEC iQ-R serie R16/32/64MTCPU todas las versiones, Mitsubishi Electric MELSEC iQ-R serie RJ71C24(-R2/R4) todas las versiones, Mitsubishi Electric MELSEC iQ-R serie RJ71EN71 todas las versiones, Mitsubishi Electric MELSEC iQ-R serie RJ71GF11-T2 todas las versiones, Mitsubishi Electric MELSEC iQ-R serie RJ71GP21(S)-SX todas las versiones, Mitsubishi Electric MELSEC serie iQ-R RJ72GF15-T2 todas las versiones, Mitsubishi Electric MELSEC serie Q Q03UDECPU todas las versiones, Mitsubishi Electric MELSEC serie Q04/06/10/13/20/26/50/100UDEHCPU todas las versiones, Mitsubishi Electric MELSEC Q serie Q03/04/06/13/26UDVCPU todas las versiones, Mitsubishi Electric MELSEC Q serie Q04/06/13/26UDPVCPU todas las versiones, Mitsubishi Electric MELSEC Q serie QJ71C24N(-R2/R4) todas las versiones, Mitsubishi Electric MELSEC Q serie QJ71E71-100 todas las versiones, Mitsubishi Electric MELSEC serie L L02/06/26CPU(-P) todas las versiones, Mitsubishi Electric MELSEC serie L L26CPU-(P)BT todas las versiones, Mitsubishi Electric MELSEC serie L LJ71C24(-R2) todas las versiones, Mitsubishi Electric MELSEC serie L LJ71E71-100 todas las versiones y Mitsubishi Electric MELSEC serie L LJ72GF15-T2 todas las versiones permiten a un atacante remoto no autenticado revelar o manipular la informaci\u00f3n del producto mediante el uso de un hash de contrase\u00f1a interceptado"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
Auto-Update: 2024-11-23T15:09:04.070866+00:00
2024-11-23 15:12:23 +00:00
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
bootstrap
2023-04-24 12:24:31 +02:00
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
Auto-Update: 2024-11-23T15:09:04.070866+00:00
2024-11-23 15:12:23 +00:00
"availabilityImpact": "NONE"
bootstrap
2023-04-24 12:24:31 +02:00
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
Auto-Update: 2024-11-23T15:09:04.070866+00:00
2024-11-23 15:12:23 +00:00
"baseScore": 6.4,
bootstrap
2023-04-24 12:24:31 +02:00
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
Auto-Update: 2024-11-23T15:09:04.070866+00:00
2024-11-23 15:12:23 +00:00
"availabilityImpact": "NONE"
bootstrap
2023-04-24 12:24:31 +02:00
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
Auto-Update: 2024-04-04T08:42:25.815847+00:00
2024-04-04 08:46:00 +00:00
"value": "CWE-287"
bootstrap
2023-04-24 12:24:31 +02:00
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uc_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B8BB34-6DC1-459A-9C82-C54CC44F9D03"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58019A30-5F53-4E6A-AADA-A002C8B73C24"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uc-32mr\\/ds-ts_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E10C7797-2505-4B69-94E9-78F931A72D0B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uc-32mr\\/ds-ts:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6319D639-CC7B-414E-9DCB-F9D427E8FEF2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uc-32mt\\/d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E2293F8-1A3F-4880-BCF5-B3A7DFF01F35"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uc-32mt\\/d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBBFA917-5DCF-4B0C-8C32-AC384FB880AC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uc-32mt\\/dss_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C554660B-CDC7-4DAA-8741-CFC546A6D678"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uc-32mt\\/dss:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CFE160B-32CC-4529-AD35-7467A32B609E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uj-24mr\\/es_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5192EC31-9128-4DCB-ABEA-2EDE141B251C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uj-24mr\\/es:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F4BA009-4F0A-427C-9D4A-F8A128F5F8C9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uj-24mt\\/es_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C1BD07A-538D-44BC-A50E-0CD12303EE6E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uj-24mt\\/es:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B284B91-7571-4614-A721-676D1972E2D0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uj-24mt\\/ess_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFC5E3AC-5403-46FE-8E8D-B2970BC18192"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uj-24mt\\/ess:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D8A69D9-DE42-4953-AD81-40EF7A003823"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uj-40mr\\/es_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E437415B-3072-438C-8054-FB4C8AD780D4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uj-40mr\\/es:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B0AA6C3-68CC-454B-A959-707BB20F4E07"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uj-40mt\\/es_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63BA3EA7-C2A4-4A58-914C-63DDB958548B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uj-40mt\\/es:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED5C2F9-C203-40FD-B15C-F91A68FA0DCC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uj-40mt\\/ess_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE6A1EF8-C44A-466A-BDD2-BED016A9BED2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uj-40mt\\/ess:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A38E527-6290-49AE-885A-21C4FC77EE96"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uj-60mr\\/es_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B59ED412-6D2A-4B07-B665-6B8EB9FFF173"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uj-60mr\\/es:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8CAF8ED8-B265-4FC5-91AE-CFA4C282E27F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uj-60mt\\/es_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF1D2D59-F506-45D4-BD4A-D69CFDDCD50F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uj-60mt\\/es:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5B2760-4E56-4FAA-A723-BB7CC28FAFD2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uj-60mt\\/ess_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AADFEEA-40C3-4F4B-ADFD-4B58DF06E6A3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uj-60mt\\/ess:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7625B11E-0A91-46D2-8952-AC0BA956D7A8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uc-32mt\\/dss-ts_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62AF044F-84FF-4EEB-A0ED-755B94BE8A3B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uc-32mt\\/dss-ts:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2122A970-5A7D-40A6-BB97-622B695713ED"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uc-32mt\\/ds-ts_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9666151-FC68-471D-960F-9A85B2AE513B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uc-32mt\\/ds-ts:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4B64FFA-59CE-46E9-B240-F083B332BFD1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:mitsubishielectric:fx5uj_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2526AE1D-EE80-4828-AD4B-DD1E985F238B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:mitsubishielectric:fx5uj:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71622C45-9436-4AC0-8DFC-C05E4F92EA61"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/vu/JVNVU96577897/index.html",
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-04",
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-031_en.pdf",
"source": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"tags": [
"Vendor Advisory"
]
Auto-Update: 2024-11-23T15:09:04.070866+00:00
2024-11-23 15:12:23 +00:00
},
{
"url": "https://jvn.jp/vu/JVNVU96577897/index.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-090-04",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-031_en.pdf",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
bootstrap
2023-04-24 12:24:31 +02:00
}
]
}
Reference in New Issue Copy Permalink